Built with Alectryon, running Coq+SerAPI v8.13.0+0.13.0. Bubbles () indicate interactive fragments: hover for details, tap to reveal contents. Use Ctrl+↑ Ctrl+↓ to navigate, Ctrl+🖱️ to focus. On Mac, use instead of Ctrl.
From iris.algebra   Require Import gmap_view.            (* Definition of [gmap_view] RA. *)
From iris.proofmode Require Import base tactics classes. (* Iris's tactics.               *)

From hazel          Require Import weakestpre deep_handler.
From hazel          Require Import notation tactics.

Set Default Proof Using "Type".

(* auto_diff.v *)


(** * Implementation. *)

(** In this section, we introduce an implementation of reverse mode automatic
    differentiation written in our calculus [HH]. This is the code that we are
    going to study throughout this theory. The idea is to use effects as a way
    to infer the sequence of arithmetic operations performed by the client
    during its evaluation. This list is known in the literature as the Wengert
    list.

    Notice that this idea is not new. Many implementations of reverse mode AD
    using effect handlers or delimited continuations already exist.
*)

Section implementation.

(** The typeclass [Num] provides a concrete implementation of a semiring [R]
    (to be defined later). This means that elements of [R] are accessible in
    [HH] trough the interface [Num].
*)

Class Num := {
  nzero  : val;
  none   : val; (* <- Not to be confused with [None]! *)
  nadd   : val;
  nmul   : val;
}.

Section RMAD.

  Definition create {N : Num} : val := λ: "n", InjR ("n", ref nzero).

  Definition zero  : val := InjLV (InjLV #()).
  Definition one   : val := InjLV (InjRV #()).
  Definition add   : val := λ: "a" "b", do: (InjLV #(), ("a", "b")).
  Definition mul   : val := λ: "a" "b", do: (InjRV #(), ("a", "b")).

  Definition get_val {N : Num} : val := λ: "x",
    match: "x" with
      (* Constant. *) InjL "x" =>
       match: "x" with
         (* Zero. *) InjL <> => nzero
       | (* One.  *) InjR <> => none
       end
    | (* Variable. *) InjR "x" => Fst "x"
    end.

  Definition get_diff : val := λ: "x",
    match: "x" with
      (* Constant. *) InjL <>  => #() #() (* Unreachable. *)
    | (* Variable. *) InjR "x" => Load (Snd "x")
    end.

  Definition update {N : Num} : val := λ: "x" "incr",
    match: "x" with
      (* Constant. *) InjL <>  => #()
    | (* Variable. *) InjR "x" =>
      let: "xd" := Snd "x" in
      "xd" <- nadd (Load "xd") "incr"
    end.

  Definition handle {N : Num} : val := λ: "f" "seed",
    try: "f" "seed" with
      effect (λ: "args" "k",
        let: "op" := Fst      "args"  in
        let: "a"  := Fst (Snd "args") in
        let: "b"  := Snd (Snd "args") in

        let: "av" := get_val "a"      in
        let: "bv" := get_val "b"      in

        match: "op" with
          (* Add *) InjL <> =>
           let: "x" := create (nadd "av" "bv") in
           "k" "x";;
           let: "xd" := get_diff "x" in
           update "a" "xd";;
           update "b" "xd"

        | (* Mul *) InjR <> =>
           let: "x" := create (nmul "av" "bv") in
           "k" "x";;
           let: "xd" := get_diff "x"   in
           let: "ad" := nmul "bv" "xd" in
           let: "bd" := nmul "av" "xd" in
           update "a" "ad";;
           update "b" "bd"
        end
      )
    | return (λ: "res",
           update "res" none)
    end.

  Program Instance ADNum : Num := {
    nzero := zero;
    none  := one;
    nadd  := add;
    nmul  := mul;
  }.

  Definition diff (f : Num → expr) (N : Num) : expr :=
    let: "vf" := f ADNum in
    λ: "a",
      let: "x" := @create N "a" in
      @handle N "vf" "x";;
      get_diff "x".

End RMAD.

End implementation.


(** * Mathematics. *)

(** We define the mathematical notions for this case study. These definitions
    form the basis of a precise language for explaining AD. They appear in the
    specification of the algorithm and in the arguments conveying its correctness.
*)

(** The typeclass [RingSig] bundles the operations of a ring and [IsRing]
    bundles the axioms of a semiring. It will be useful in specifying the
    interface of numerical values.
*)

Class RingSig (R : Set) := {
  rzero : R;
  rone  : R;
  radd  : R → R → R;
  rmul  : R → R → R;
  req   : R → R → Prop;
}.

Class IsRing (R : Set) {RS : RingSig R} := {
  req_equiv :> Equivalence req;
  radd_ext  :> Proper (req ==> req ==> req) radd;
  rmul_ext  :> Proper (req ==> req ==> req) rmul;

  is_semi_ring : semi_ring_theory rzero rone radd rmul req
}.

Section definitions.

Inductive Binop : Set := Add | Mul.

Inductive Expr (I : Set) : Set :=
  Zero | One | Leaf (i : I) | Node (op : Binop) (el er : Expr I).

Definition vars {I : Set} `{CI : Countable I} : Expr I → gset I :=
  fix vars (e : Expr I) : gset I :=
    match e with
    | Zero _
    | One  _         => ∅
    | Leaf _ i       => {[i]}
    | Node _ _ el er => vars el ∪ vars er
    end.

Definition bind {I J : Set} (f : I → Expr J) : Expr I → Expr J :=
  fix bind (e : Expr I) : Expr J :=
    match e with
    | Zero _          => Zero _
    | One  _          => One  _
    | Leaf _ i        => f i
    | Node _ op el er => Node _ op (bind el) (bind er)
    end.

Definition map {I J : Set} (ϱ : I → J) : Expr I → Expr J :=
  bind (λ i, Leaf _ (ϱ i)).

Definition denote {R : Set} {RS : RingSig R} : Binop → R → R → R :=
  λ op, match op with Add => radd | Mul => rmul end.

Definition eval {R : Set} {RS : RingSig R} : Expr R → R :=
  fix eval (e : Expr R) : R :=
    match e with
    | Zero _          => rzero
    | One  _          => rone
    | Leaf _ r        => r
    | Node _ op el er => denote op (eval el) (eval er)
    end.

Inductive Expr_equiv {I : Set} : Expr I → Expr I → Prop :=
 (* Equivalence. *)
 | Expr_equiv_refl  e        :
     Expr_equiv e e
 | Expr_equiv_symm  e₁ e₂    :
     Expr_equiv e₁ e₂ → Expr_equiv e₂ e₁
 | Expr_equiv_trans e₁ e₂ e₃ :
     Expr_equiv e₁ e₂ → Expr_equiv e₂ e₃ → Expr_equiv e₁ e₃

 (* [Node _ Add] and [Node _ Mul] are instances of [Proper]. *)
 | Expr_equiv_ext op :
     Proper (Expr_equiv ==> Expr_equiv ==> Expr_equiv) (Node _ op)

 (* Semiring axioms. *)
 | (* SRadd_0_l. *)
   Expr_equiv_add_0_l e :
     Expr_equiv (Node _ Add (Zero _) e) e
 | (* SR(add|mul)_comm. *)
   Expr_equiv_comm op e₁ e₂ :
     Expr_equiv (Node _ op e₁ e₂) (Node _ op e₂ e₁)
 | (* SR(add|mul)_assoc. *)
   Expr_equiv_assoc op e₁ e₂ e₃ :
     Expr_equiv (Node _ op e₁ (Node _ op e₂ e₃))
                (Node _ op (Node _ op e₁ e₂) e₃)
 | (* SRmul_1_l. *)
   Expr_equiv_mul_1_l e :
     Expr_equiv (Node _ Mul (One  _) e) e
 | (* SRmul_0_l. *)
   Expr_equiv_mul_0_l e :
     Expr_equiv (Node _ Mul (Zero _) e) (Zero _)
 | (* SRdistr_l. *)
   Expr_equiv_distr_l e₁ e₂ e₃ :
     Expr_equiv (Node _ Mul (Node _ Add e₁ e₂) e₃)
                (Node _ Add (Node _ Mul e₁ e₃) (Node _ Mul e₂ e₃)).

Global Instance ExprRing (I : Set) : RingSig (Expr I) := {
  rzero := Zero I;
  rone  := One  I;
  radd  := Node I Add;
  rmul  := Node I Mul;
  req   := Expr_equiv;
}.

Definition diffₑ
  {R : Set} {RS : RingSig R}
  {I : Set} {EI : EqDecision I}
  (ϱ : I → R) : Expr I → I → R :=
  fix diff (e : Expr I) (i : I) : R :=
    match e with
    | Zero _           => rzero
    | One  _           => rzero
    | Leaf _ j         => if decide (i = j) then rone else rzero
    | Node _ Add el er => radd (diff el i) (diff er i)
    | Node _ Mul el er => radd (rmul (diff el i) (eval (map ϱ er)))
                               (rmul (eval (map ϱ el)) (diff er i))
    end.

Definition node : Set := (Binop * val * val)%type.

Definition context : Set := list (val * node)%type.

Definition defs (K : context) : list val := K.*1.

Definition overwrite {A B : Set} {EA : EqDecision A} (f : A → B) (a : A) (b : B) : A → B :=
  λ x, if decide (a = x) then b else f x.

Definition filling : context → val → Expr val :=
  foldl
    (* Inductive case: *) (λ filling '(x, (op, a, b)),
      overwrite filling x (Node _ op (filling a) (filling b)))
    (* Base case: *) (λ y, Leaf _ y).

Definition extension {R : Set} {RS : RingSig R} (ϱ : val → R) (K : context) : val → R :=
  foldl (λ ϱ '(x, (op, a, b)), overwrite ϱ x (denote op (ϱ a) (ϱ b))) ϱ K.

End definitions.

(** Mathematical notation. *)

(* TODO: Better ways to define notation? *)
Notation "'Oᵣ'" := rzero (at level 50).
Notation "'Iᵣ'" := rone  (at level 50).
Infix "+ᵣ" := radd (at level 70).
Infix "×ᵣ" := rmul (at level 50).
Infix "=ᵣ" := req  (at level 70).

Notation "'Oₑ'" := (Zero _) (at level 50).
Notation "'Iₑ'" := (One  _) (at level 50).
Notation "'Xₑ'" := (Leaf () tt) (at level 50).
Infix "+ₑ" := (Node _ Add) (at level 70).
Infix "×ₑ" := (Node _ Mul) (at level 50).
Infix "=ₑ" := (Expr_equiv) (at level 70).

Notation "'Let' K '.in' y" := (filling K y) (at level 70).
Notation "f '.{[' a ':=' b ']}'" := (overwrite f a b) (at level 70).
Notation "ϱ '.{[' K ']}'" := (extension ϱ K) (at level 70).
Notation "'∂' e './' '∂' i '.at' ϱ" := (diffₑ ϱ e i) (at level 70).

Section properties.


EqDecision Binop

EqDecision Binop
solve_decision. Qed.
I: Set
EI: EqDecision I

EqDecision (Expr I)
I: Set
EI: EqDecision I

EqDecision (Expr I)
solve_decision. Qed.

EqDecision context

EqDecision context
solve_decision. Qed. (** [vars]. *) Section vars. Context {I : Set} `{CI : Countable I}.
I: Set
EqDecision0: EqDecision I
CI: Countable I

vars (Oₑ) = (∅ : gset loc)
I: Set
EqDecision0: EqDecision I
CI: Countable I

vars (Oₑ) = (∅ : gset loc)
done. Qed.
I: Set
EqDecision0: EqDecision I
CI: Countable I

vars (Iₑ) = (∅ : gset loc)
I: Set
EqDecision0: EqDecision I
CI: Countable I

vars (Iₑ) = (∅ : gset loc)
done. Qed.
I: Set
EqDecision0: EqDecision I
CI: Countable I
i: I

vars (Leaf I i) = {[i]}
I: Set
EqDecision0: EqDecision I
CI: Countable I
i: I

vars (Leaf I i) = {[i]}
done. Qed.
I: Set
EqDecision0: EqDecision I
CI: Countable I
op: Binop
el, er: Expr I

vars (Node I op el er) = vars el ∪ vars er
I: Set
EqDecision0: EqDecision I
CI: Countable I
op: Binop
el, er: Expr I

vars (Node I op el er) = vars el ∪ vars er
done. Qed.
I: Set
EqDecision0: EqDecision I
CI: Countable I
e: Expr I
f: I → Expr I
i: I

vars (f i) = ∅ → ( j : I, vars (f j) ⊆ {[j]}) → vars (bind f e) ⊆ vars e ∖ {[i]}
I: Set
EqDecision0: EqDecision I
CI: Countable I
e: Expr I
f: I → Expr I
i: I

vars (f i) = ∅ → ( j : I, vars (f j) ⊆ {[j]}) → vars (bind f e) ⊆ vars e ∖ {[i]}
induction e; [done|done| |]; set_solver. Qed.
I: Set
EqDecision0: EqDecision I
CI: Countable I
e: Expr I

Proper (equiv ==> flip impl) (eq (vars e))
I: Set
EqDecision0: EqDecision I
CI: Countable I
e: Expr I

Proper (equiv ==> flip impl) (eq (vars e))
I: Set
EqDecision0: EqDecision I
CI: Countable I
e: Expr I
x, y: gset I
H: x ≡ y

y = x
by apply gset_leibniz. Qed. End vars. (** [bind]. *) Section bind.
I: Set
e: Expr I

bind (Leaf I) e = e
I: Set
e: Expr I

bind (Leaf I) e = e
by induction e as [| | |?? IHl ? IHr]; last rewrite //= IHl IHr. Qed.
I, J, K: Set
e: Expr I
g: I → Expr J
f: J → Expr K

bind f (bind g e) = bind (bind f ∘ g) e
I, J, K: Set
e: Expr I
g: I → Expr J
f: J → Expr K

bind f (bind g e) = bind (bind f ∘ g) e
by induction e as [| | |?? IHl ? IHr]; last rewrite //= IHl IHr. Qed. (* From iris.algebra Require Import gset. Definition vars_bind {I : Set} `{CI : Countable I} {J : Set} `{CJ : Countable J} (e : Expr I) (f : I → Expr J) : Prop := vars (bind f e) = [^(∪) set] i ∈ vars e, vars (f i). *) End bind. (** [map]. *) Section map.
I, J, K: Set
ϱ: I → J
ϑ: J → K
e: Expr I

map (ϑ ∘ ϱ) e = map ϑ (map ϱ e)
I, J, K: Set
ϱ: I → J
ϑ: J → K
e: Expr I

map (ϑ ∘ ϱ) e = map ϑ (map ϱ e)
by induction e as [| | |?? IHl ? IHr]; last rewrite //= IHl IHr. Qed.
I, J: Set
EqDecision0: EqDecision I
CI: Countable I
ϱ, ϑ: I → J
e: Expr I

( i : I, i ∈ vars e → ϱ i = ϑ i) → map ϱ e = map ϑ e
I, J: Set
EqDecision0: EqDecision I
CI: Countable I
ϱ, ϑ: I → J
e: Expr I

( i : I, i ∈ vars e → ϱ i = ϑ i) → map ϱ e = map ϑ e
I, J: Set
EqDecision0: EqDecision I
CI: Countable I
ϱ, ϑ: I → J
i: I

( i0 : I, i0 ∈ vars (Leaf I i) → ϱ i0 = ϑ i0) → map ϱ (Leaf I i) = map ϑ (Leaf I i)
I, J: Set
EqDecision0: EqDecision I
CI: Countable I
ϱ, ϑ: I → J
op: Binop
el, er: Expr I
IHel: ( i : I, i ∈ vars el → ϱ i = ϑ i) → map ϱ el = map ϑ el
IHer: ( i : I, i ∈ vars er → ϱ i = ϑ i) → map ϱ er = map ϑ er
( i : I, i ∈ vars (Node I op el er) → ϱ i = ϑ i) → map ϱ (Node I op el er) = map ϑ (Node I op el er)
I, J: Set
EqDecision0: EqDecision I
CI: Countable I
ϱ, ϑ: I → J
i: I

( i0 : I, i0 ∈ vars (Leaf I i) → ϱ i0 = ϑ i0) → map ϱ (Leaf I i) = map ϑ (Leaf I i)
I, J: Set
EqDecision0: EqDecision I
CI: Countable I
ϱ, ϑ: I → J
i: I
Hvars: i0 : I, i0 ∈ vars (Leaf I i) → ϱ i0 = ϑ i0

map ϱ (Leaf I i) = map ϑ (Leaf I i)
I, J: Set
EqDecision0: EqDecision I
CI: Countable I
ϱ, ϑ: I → J
i: I
Hvars: i0 : I, i0 ∈ vars (Leaf I i) → ϱ i0 = ϑ i0

Leaf J (ϱ i) = Leaf J (ϑ i)
I, J: Set
EqDecision0: EqDecision I
CI: Countable I
ϱ, ϑ: I → J
i: I
Hvars: i0 : I, i0 ∈ vars (Leaf I i) → ϱ i0 = ϑ i0

ϱ i = ϑ i
I, J: Set
EqDecision0: EqDecision I
CI: Countable I
ϱ, ϑ: I → J
i: I
Hvars: i0 : I, i0 ∈ vars (Leaf I i) → ϱ i0 = ϑ i0

i ∈ vars (Leaf I i)
set_solver.
I, J: Set
EqDecision0: EqDecision I
CI: Countable I
ϱ, ϑ: I → J
op: Binop
el, er: Expr I
IHel: ( i : I, i ∈ vars el → ϱ i = ϑ i) → map ϱ el = map ϑ el
IHer: ( i : I, i ∈ vars er → ϱ i = ϑ i) → map ϱ er = map ϑ er

( i : I, i ∈ vars (Node I op el er) → ϱ i = ϑ i) → map ϱ (Node I op el er) = map ϑ (Node I op el er)
I, J: Set
EqDecision0: EqDecision I
CI: Countable I
ϱ, ϑ: I → J
op: Binop
el, er: Expr I
IHel: ( i : I, i ∈ vars el → ϱ i = ϑ i) → map ϱ el = map ϑ el
IHer: ( i : I, i ∈ vars er → ϱ i = ϑ i) → map ϱ er = map ϑ er

( i : I, i ∈ vars (Node I op el er) → ϱ i = ϑ i) → map ϱ (Node I op el er) = map ϑ (Node I op el er)
I, J: Set
EqDecision0: EqDecision I
CI: Countable I
ϱ, ϑ: I → J
op: Binop
el, er: Expr I
IHel: ( i : I, i ∈ vars el → ϱ i = ϑ i) → map ϱ el = map ϑ el
IHer: ( i : I, i ∈ vars er → ϱ i = ϑ i) → map ϱ er = map ϑ er
Hvars: i : I, i ∈ vars (Node I op el er) → ϱ i = ϑ i

map ϱ (Node I op el er) = map ϑ (Node I op el er)
rewrite //= IHel; [rewrite IHer; [done|]|]; set_solver. } Qed.
I, J: Set
ϱ, ϑ: I → J
e: Expr I

( i : I, ϱ i = ϑ i) → map ϱ e = map ϑ e
I, J: Set
ϱ, ϑ: I → J
e: Expr I

( i : I, ϱ i = ϑ i) → map ϱ e = map ϑ e
by intros Hext; induction e as [| | |?? IHl ? IHr]; [| |rewrite //= Hext|rewrite //= IHl IHr]. Qed. End map. (** [defs]. *) Section defs.
x: val
n: node
K: list (val * node)

defs ((x, n) :: K) = x :: defs K
x: val
n: node
K: list (val * node)

defs ((x, n) :: K) = x :: defs K
done. Qed.
x: val
n: node

defs [(x, n)] = [x]
x: val
n: node

defs [(x, n)] = [x]
done. Qed.
K₁, K₂: list (val * node)

defs (K₁ ++ K₂) = defs K₁ ++ defs K₂
K₁, K₂: list (val * node)

defs (K₁ ++ K₂) = defs K₁ ++ defs K₂
by rewrite /defs fmap_app. Qed.
K₁, K₂: list (val * node)
x: val
n: node

defs (K₁ ++ (x, n) :: K₂) = defs K₁ ++ x :: defs K₂
K₁, K₂: list (val * node)
x: val
n: node

defs (K₁ ++ (x, n) :: K₂) = defs K₁ ++ x :: defs K₂
by rewrite defs_app. Qed. End defs. (** [overwrite]. *) Section overwrite. Context {A B : Set} {EA : EqDecision A}.
A, B: Set
EA: EqDecision A
f: A → B
a: A
b: B

(f .{[ a := b]}) a = b
A, B: Set
EA: EqDecision A
f: A → B
a: A
b: B

(f .{[ a := b]}) a = b
by rewrite /overwrite decide_True. Qed.
A, B: Set
EA: EqDecision A
f: A → B
a, x: A
b: B

a = x → (f .{[ a := b]}) x = b
A, B: Set
EA: EqDecision A
f: A → B
a, x: A
b: B

a = x → (f .{[ a := b]}) x = b
A, B: Set
EA: EqDecision A
f: A → B
x: A
b: B

(f .{[ x := b]}) x = b
apply overwrite_eq. Qed.
A, B: Set
EA: EqDecision A
f: A → B
a, x: A
b: B

a ≠ x → (f .{[ a := b]}) x = f x
A, B: Set
EA: EqDecision A
f: A → B
a, x: A
b: B

a ≠ x → (f .{[ a := b]}) x = f x
A, B: Set
EA: EqDecision A
f: A → B
a, x: A
b: B
H: a ≠ x

(f .{[ a := b]}) x = f x
by rewrite /overwrite decide_False. Qed. End overwrite. (** [filling]. *) Section filling.
y: val

(Let [] .in y) = Leaf val y
y: val

(Let [] .in y) = Leaf val y
done. Qed.
K: list (val * (Binop * val * val))
x: val
op: Binop
a, b, y: val

(Let K ++ [(x, (op, a, b))] .in y) = (if decide (x = y) then Node val op (Let K .in a) (Let K .in b) else Let K .in y)
K: list (val * (Binop * val * val))
x: val
op: Binop
a, b, y: val

(Let K ++ [(x, (op, a, b))] .in y) = (if decide (x = y) then Node val op (Let K .in a) (Let K .in b) else Let K .in y)
K: list (val * (Binop * val * val))
x: val
op: Binop
a, b, y: val

foldl (λ (filling : val → Expr val) '(x, (op, a, b)), filling .{[ x := Node val op (filling a) (filling b)]}) (filling K) [(x, (op, a, b))] y = (if decide (x = y) then Node val op (Let K .in a) (Let K .in b) else Let K .in y)
done. Qed.
K: list (val * (Binop * val * val))
x: val
op: Binop
a, b: val

(Let K ++ [(x, (op, a, b))] .in x) = Node val op (Let K .in a) (Let K .in b)
K: list (val * (Binop * val * val))
x: val
op: Binop
a, b: val

(Let K ++ [(x, (op, a, b))] .in x) = Node val op (Let K .in a) (Let K .in b)
by rewrite filling_snoc decide_True. Qed.
K: list (val * (Binop * val * val))
x: val
op: Binop
a, b, y: val

x = y → (Let K ++ [(x, (op, a, b))] .in y) = Node val op (Let K .in a) (Let K .in b)
K: list (val * (Binop * val * val))
x: val
op: Binop
a, b, y: val

x = y → (Let K ++ [(x, (op, a, b))] .in y) = Node val op (Let K .in a) (Let K .in b)
K: list (val * (Binop * val * val))
op: Binop
a, b, y: val

(Let K ++ [(y, (op, a, b))] .in y) = Node val op (Let K .in a) (Let K .in b)
apply filling_snoc_eq. Qed.
K: list (val * node)
x: val
n: node
y: val

x ≠ y → (Let K ++ [(x, n)] .in y) = (Let K .in y)
K: list (val * node)
x: val
n: node
y: val

x ≠ y → (Let K ++ [(x, n)] .in y) = (Let K .in y)
K: list (val * node)
x: val
n: node
y: val
H: x ≠ y

(Let K ++ [(x, n)] .in y) = (Let K .in y)
K: list (val * node)
x: val
b: Binop
v, v0, y: val
H: x ≠ y

(Let K ++ [(x, (b, v, v0))] .in y) = (Let K .in y)
by rewrite filling_snoc decide_False. Qed.
x: val
op: Binop
a, b, y: val

(Let [(x, (op, a, b))] .in y) = (if decide (x = y) then Node val op (Leaf val a) (Leaf val b) else Leaf val y)
x: val
op: Binop
a, b, y: val

(Let [(x, (op, a, b))] .in y) = (if decide (x = y) then Node val op (Leaf val a) (Leaf val b) else Leaf val y)
by rewrite -(app_nil_l [_]) filling_snoc //=. Qed.
x: val
op: Binop
a, b: val

(Let [(x, (op, a, b))] .in x) = Node val op (Leaf val a) (Leaf val b)
x: val
op: Binop
a, b: val

(Let [(x, (op, a, b))] .in x) = Node val op (Leaf val a) (Leaf val b)
by rewrite filling_singleton decide_True. Qed.
x: val
op: Binop
a, b, y: val

x = y → (Let [(x, (op, a, b))] .in y) = Node val op (Leaf val a) (Leaf val b)
x: val
op: Binop
a, b, y: val

x = y → (Let [(x, (op, a, b))] .in y) = Node val op (Leaf val a) (Leaf val b)
op: Binop
a, b, y: val

(Let [(y, (op, a, b))] .in y) = Node val op (Leaf val a) (Leaf val b)
apply filling_singleton_eq. Qed.
x: val
n: node
y: val

x ≠ y → (Let [(x, n)] .in y) = Leaf val y
x: val
n: node
y: val

x ≠ y → (Let [(x, n)] .in y) = Leaf val y
x: val
n: node
y: val
H: x ≠ y

(Let [(x, n)] .in y) = Leaf val y
x: val
b: Binop
v, v0, y: val
H: x ≠ y

(Let [(x, (b, v, v0))] .in y) = Leaf val y
by rewrite filling_singleton decide_False. Qed.
K₁: list (val * node)
K₂: context
y: val

y ∉ defs K₂ → (Let K₁ ++ K₂ .in y) = (Let K₁ .in y)
K₁: list (val * node)
K₂: context
y: val

y ∉ defs K₂ → (Let K₁ ++ K₂ .in y) = (Let K₁ .in y)
K₁: list (val * node)
y: val

y ∉ defs [] → (Let K₁ ++ [] .in y) = (Let K₁ .in y)
K₁: list (val * node)
x: val
op: Binop
a, b: val
K₂: list (val * node)
y: val
IHK₂: y ∉ defs K₂ → (Let K₁ ++ K₂ .in y) = (Let K₁ .in y)
y ∉ defs (K₂ ++ [(x, (op, a, b))]) → (Let K₁ ++ K₂ ++ [(x, (op, a, b))] .in y) = (Let K₁ .in y)
K₁: list (val * node)
y: val

y ∉ defs [] → (Let K₁ ++ [] .in y) = (Let K₁ .in y)
by rewrite app_nil_r.
K₁: list (val * node)
x: val
op: Binop
a, b: val
K₂: list (val * node)
y: val
IHK₂: y ∉ defs K₂ → (Let K₁ ++ K₂ .in y) = (Let K₁ .in y)

y ∉ defs (K₂ ++ [(x, (op, a, b))]) → (Let K₁ ++ K₂ ++ [(x, (op, a, b))] .in y) = (Let K₁ .in y)
K₁: list (val * node)
x: val
op: Binop
a, b: val
K₂: list (val * node)
y: val
IHK₂: y ∉ defs K₂ → (Let K₁ ++ K₂ .in y) = (Let K₁ .in y)

y ∉ defs (K₂ ++ [(x, (op, a, b))]) → (Let K₁ ++ K₂ ++ [(x, (op, a, b))] .in y) = (Let K₁ .in y)
K₁: list (val * node)
x: val
op: Binop
a, b: val
K₂: list (val * node)
y: val
IHK₂: y ∉ defs K₂ → (Let K₁ ++ K₂ .in y) = (Let K₁ .in y)

(y ∉ defs K₂) ∧ y ≠ x ∧ y ∉ [] → (if decide (x = y) then Node val op (Let K₁ ++ K₂ .in a) (Let K₁ ++ K₂ .in b) else Let K₁ ++ K₂ .in y) = (Let K₁ .in y)
K₁: list (val * node)
x: val
op: Binop
a, b: val
K₂: list (val * node)
y: val
IHK₂: y ∉ defs K₂ → (Let K₁ ++ K₂ .in y) = (Let K₁ .in y)
Hy: y ∉ defs K₂
Hneq: y ≠ x

(if decide (x = y) then Node val op (Let K₁ ++ K₂ .in a) (Let K₁ ++ K₂ .in b) else Let K₁ ++ K₂ .in y) = (Let K₁ .in y)
K₁: list (val * node)
x: val
op: Binop
a, b: val
K₂: list (val * node)
y: val
IHK₂: y ∉ defs K₂ → (Let K₁ ++ K₂ .in y) = (Let K₁ .in y)
Hy: y ∉ defs K₂
Hneq: y ≠ x

x ≠ y → (Let K₁ ++ K₂ .in y) = (Let K₁ .in y)
by rewrite IHK₂. } Qed.
K: context
y: val

y ∉ defs K → (Let K .in y) = Leaf val y
K: context
y: val

y ∉ defs K → (Let K .in y) = Leaf val y
K: context
y: val
Hy: y ∉ defs K

(Let K .in y) = Leaf val y
by rewrite -(app_nil_l K) filling_app. Qed.
K₁: list (val * (Binop * val * val))
K₂: context
x: val
op: Binop
a, b, y: val

y ∉ defs K₂ → (Let K₁ ++ (x, (op, a, b)) :: K₂ .in y) = (Let K₁ ++ [(x, (op, a, b))] .in y)
K₁: list (val * (Binop * val * val))
K₂: context
x: val
op: Binop
a, b, y: val

y ∉ defs K₂ → (Let K₁ ++ (x, (op, a, b)) :: K₂ .in y) = (Let K₁ ++ [(x, (op, a, b))] .in y)
by rewrite cons_middle app_assoc; apply filling_app. Qed.
K₁: list (val * (Binop * val * val))
K₂: context
x: val
op: Binop
a, b: val

x ∉ defs K₂ → (Let K₁ ++ (x, (op, a, b)) :: K₂ .in x) = Node val op (Let K₁ .in a) (Let K₁ .in b)
K₁: list (val * (Binop * val * val))
K₂: context
x: val
op: Binop
a, b: val

x ∉ defs K₂ → (Let K₁ ++ (x, (op, a, b)) :: K₂ .in x) = Node val op (Let K₁ .in a) (Let K₁ .in b)
K₁: list (val * (Binop * val * val))
K₂: context
x: val
op: Binop
a, b: val
H: x ∉ defs K₂

(Let K₁ ++ (x, (op, a, b)) :: K₂ .in x) = Node val op (Let K₁ .in a) (Let K₁ .in b)
by rewrite filling_cons_middle; [apply filling_snoc_eq|]. Qed.
K₁: list (val * (Binop * val * val))
K₂: context
x: val
op: Binop
a, b, y: val

x = y → y ∉ defs K₂ → (Let K₁ ++ (x, (op, a, b)) :: K₂ .in y) = Node val op (Let K₁ .in a) (Let K₁ .in b)
K₁: list (val * (Binop * val * val))
K₂: context
x: val
op: Binop
a, b, y: val

x = y → y ∉ defs K₂ → (Let K₁ ++ (x, (op, a, b)) :: K₂ .in y) = Node val op (Let K₁ .in a) (Let K₁ .in b)
K₁: list (val * (Binop * val * val))
K₂: context
op: Binop
a, b, y: val
H: y ∉ defs K₂

(Let K₁ ++ (y, (op, a, b)) :: K₂ .in y) = Node val op (Let K₁ .in a) (Let K₁ .in b)
by rewrite filling_cons_middle; [apply filling_snoc_eq|]. Qed.
K₁: list (val * node)
K₂: context
x: val
n: node
y: val

x ≠ y → y ∉ defs K₂ → (Let K₁ ++ (x, n) :: K₂ .in y) = (Let K₁ .in y)
K₁: list (val * node)
K₂: context
x: val
n: node
y: val

x ≠ y → y ∉ defs K₂ → (Let K₁ ++ (x, n) :: K₂ .in y) = (Let K₁ .in y)
K₁: list (val * node)
K₂: context
x: val
n: node
y: val
H: x ≠ y
H0: y ∉ defs K₂

(Let K₁ ++ (x, n) :: K₂ .in y) = (Let K₁ .in y)
K₁: list (val * node)
K₂: context
x: val
b: Binop
v, v0, y: val
H: x ≠ y
H0: y ∉ defs K₂

(Let K₁ ++ (x, (b, v, v0)) :: K₂ .in y) = (Let K₁ .in y)
by rewrite filling_cons_middle; [apply filling_snoc_neq|]. Qed. End filling. (** [extension]. *) Section extension. Context {R : Set} {RS : RingSig R}.
R: Set
RS: RingSig R
ϱ: val → R
K: context
x: val
op: Binop
a, b: val

(ϱ .{[ K ++ [(x, (op, a, b))]]}) = (let ϱ := ϱ .{[ K]} in ϱ .{[ x := denote op (ϱ a) (ϱ b)]})
R: Set
RS: RingSig R
ϱ: val → R
K: context
x: val
op: Binop
a, b: val

(ϱ .{[ K ++ [(x, (op, a, b))]]}) = (let ϱ := ϱ .{[ K]} in ϱ .{[ x := denote op (ϱ a) (ϱ b)]})
by rewrite /extension foldl_app. Qed.
R: Set
RS: RingSig R
ϱ: val → R
K: context

y : val, (ϱ .{[ K]}) y = eval (map ϱ (Let K .in y))
R: Set
RS: RingSig R
ϱ: val → R
K: context

y : val, (ϱ .{[ K]}) y = eval (map ϱ (Let K .in y))
R: Set
RS: RingSig R
ϱ: val → R
x: val
op: Binop
a, b: val
K: list (val * node)
IHK: y : val, (ϱ .{[ K]}) y = eval (map ϱ (Let K .in y))

y : val, (ϱ .{[ K ++ [(x, (op, a, b))]]}) y = eval (map ϱ (Let K ++ [(x, (op, a, b))] .in y))
R: Set
RS: RingSig R
ϱ: val → R
x: val
op: Binop
a, b: val
K: list (val * node)
IHK: y : val, (ϱ .{[ K]}) y = eval (map ϱ (Let K .in y))
y: val

(ϱ .{[ K ++ [(x, (op, a, b))]]}) y = eval (map ϱ (Let K ++ [(x, (op, a, b))] .in y))
R: Set
RS: RingSig R
ϱ: val → R
x: val
op: Binop
a, b: val
K: list (val * node)
IHK: y : val, (ϱ .{[ K]}) y = eval (map ϱ (Let K .in y))
y: val

((ϱ .{[ K]}) .{[ x := denote op ((ϱ .{[ K]}) a) ((ϱ .{[ K]}) b)]}) y = eval (map ϱ (Let K ++ [(x, (op, a, b))] .in y))
R: Set
RS: RingSig R
ϱ: val → R
op: Binop
a, b: val
K: list (val * node)
IHK: y : val, (ϱ .{[ K]}) y = eval (map ϱ (Let K .in y))
y: val

((ϱ .{[ K]}) .{[ y := denote op ((ϱ .{[ K]}) a) ((ϱ .{[ K]}) b)]}) y = eval (map ϱ (Let K ++ [(y, (op, a, b))] .in y))
R: Set
RS: RingSig R
ϱ: val → R
x: val
op: Binop
a, b: val
K: list (val * node)
IHK: y : val, (ϱ .{[ K]}) y = eval (map ϱ (Let K .in y))
y: val
Hneq: x ≠ y
((ϱ .{[ K]}) .{[ x := denote op ((ϱ .{[ K]}) a) ((ϱ .{[ K]}) b)]}) y = eval (map ϱ (Let K ++ [(x, (op, a, b))] .in y))
R: Set
RS: RingSig R
ϱ: val → R
op: Binop
a, b: val
K: list (val * node)
IHK: y : val, (ϱ .{[ K]}) y = eval (map ϱ (Let K .in y))
y: val

((ϱ .{[ K]}) .{[ y := denote op ((ϱ .{[ K]}) a) ((ϱ .{[ K]}) b)]}) y = eval (map ϱ (Let K ++ [(y, (op, a, b))] .in y))
by rewrite filling_snoc_eq overwrite_eq !IHK.
R: Set
RS: RingSig R
ϱ: val → R
x: val
op: Binop
a, b: val
K: list (val * node)
IHK: y : val, (ϱ .{[ K]}) y = eval (map ϱ (Let K .in y))
y: val
Hneq: x ≠ y

((ϱ .{[ K]}) .{[ x := denote op ((ϱ .{[ K]}) a) ((ϱ .{[ K]}) b)]}) y = eval (map ϱ (Let K ++ [(x, (op, a, b))] .in y))
R: Set
RS: RingSig R
ϱ: val → R
x: val
op: Binop
a, b: val
K: list (val * node)
IHK: y : val, (ϱ .{[ K]}) y = eval (map ϱ (Let K .in y))
y: val
Hneq: x ≠ y

((ϱ .{[ K]}) .{[ x := denote op ((ϱ .{[ K]}) a) ((ϱ .{[ K]}) b)]}) y = eval (map ϱ (Let K ++ [(x, (op, a, b))] .in y))
R: Set
RS: RingSig R
ϱ: val → R
x: val
op: Binop
a, b: val
K: list (val * node)
IHK: y : val, (ϱ .{[ K]}) y = eval (map ϱ (Let K .in y))
y: val
Hneq: x ≠ y

((ϱ .{[ K]}) .{[ x := denote op ((ϱ .{[ K]}) a) ((ϱ .{[ K]}) b)]}) y = eval (map ϱ (Let K .in y))
R: Set
RS: RingSig R
ϱ: val → R
x: val
op: Binop
a, b: val
K: list (val * node)
IHK: y : val, (ϱ .{[ K]}) y = eval (map ϱ (Let K .in y))
y: val
Hneq: x ≠ y

(ϱ .{[ K]}) y = eval (map ϱ (Let K .in y))
by apply IHK. } Qed. End extension. (** [eval]. *) Section eval. Context {R : Set} {RS : RingSig R}.
R: Set
RS: RingSig R
ϱ: val → R
K: context
x: val
op: Binop
a, b, y: val

let ϑ := ϱ .{[ x := denote op (ϱ a) (ϱ b)]} in eval (map ϱ (Let (x, (op, a, b)) :: K .in y)) = eval (map ϑ (Let K .in y))
R: Set
RS: RingSig R
ϱ: val → R
K: context
x: val
op: Binop
a, b, y: val

let ϑ := ϱ .{[ x := denote op (ϱ a) (ϱ b)]} in eval (map ϱ (Let (x, (op, a, b)) :: K .in y)) = eval (map ϑ (Let K .in y))
R: Set
RS: RingSig R
ϱ: val → R
K: context
x, a, b: val

(y : val) (op : Binop), let ϑ := ϱ .{[ x := denote op (ϱ a) (ϱ b)]} in eval (map ϱ (Let (x, (op, a, b)) :: K .in y)) = eval (map ϑ (Let K .in y))
R: Set
RS: RingSig R
ϱ: val → R
x, a, b: val

(y : val) (op : Binop), let ϑ := ϱ .{[ x := denote op (ϱ a) (ϱ b)]} in eval (map ϱ (Let [(x, (op, a, b))] .in y)) = eval (map ϑ (Let [] .in y))
R: Set
RS: RingSig R
ϱ: val → R
x': val
op': Binop
a', b': val
K: list (val * node)
x, a, b: val
IHK: (y : val) (op : Binop), let ϑ := ϱ .{[ x := denote op (ϱ a) (ϱ b)]} in eval (map ϱ (Let (x, (op, a, b)) :: K .in y)) = eval (map ϑ (Let K .in y))
(y : val) (op : Binop), let ϑ := ϱ .{[ x := denote op (ϱ a) (ϱ b)]} in eval (map ϱ (Let (x, (op, a, b)) :: K ++ [(x', (op', a', b'))] .in y)) = eval (map ϑ (Let K ++ [(x', (op', a', b'))] .in y))
R: Set
RS: RingSig R
ϱ: val → R
x, a, b: val

(y : val) (op : Binop), let ϑ := ϱ .{[ x := denote op (ϱ a) (ϱ b)]} in eval (map ϱ (Let [(x, (op, a, b))] .in y)) = eval (map ϑ (Let [] .in y))
R: Set
RS: RingSig R
ϱ: val → R
x, a, b, y: val
op: Binop

let ϑ := ϱ .{[ x := denote op (ϱ a) (ϱ b)]} in eval (map ϱ (Let [(x, (op, a, b))] .in y)) = eval (map ϑ (Let [] .in y))
R: Set
RS: RingSig R
ϱ: val → R
x, a, b, y: val
op: Binop

eval (map ϱ (Let [(x, (op, a, b))] .in y)) = (ϱ .{[ x := denote op (ϱ a) (ϱ b)]}) y
R: Set
RS: RingSig R
ϱ: val → R
x, a, b, y: val
op: Binop

eval (map ϱ (if decide (x = y) then Node val op (Leaf val a) (Leaf val b) else Leaf val y)) = (ϱ .{[ x := denote op (ϱ a) (ϱ b)]}) y
R: Set
RS: RingSig R
ϱ: val → R
x, a, b, y: val
op: Binop

x = y → eval (map ϱ (Node val op (Leaf val a) (Leaf val b))) = (ϱ .{[ x := denote op (ϱ a) (ϱ b)]}) y
R: Set
RS: RingSig R
ϱ: val → R
x, a, b, y: val
op: Binop
x ≠ y → eval (map ϱ (Leaf val y)) = (ϱ .{[ x := denote op (ϱ a) (ϱ b)]}) y
R: Set
RS: RingSig R
ϱ: val → R
x, a, b, y: val
op: Binop

x = y → eval (map ϱ (Node val op (Leaf val a) (Leaf val b))) = (ϱ .{[ x := denote op (ϱ a) (ϱ b)]}) y
R: Set
RS: RingSig R
ϱ: val → R
a, b, y: val
op: Binop

eval (map ϱ (Node val op (Leaf val a) (Leaf val b))) = (ϱ .{[ y := denote op (ϱ a) (ϱ b)]}) y
R: Set
RS: RingSig R
ϱ: val → R
a, b, y: val
op: Binop

denote op (ϱ a) (ϱ b) = (ϱ .{[ y := denote op (ϱ a) (ϱ b)]}) y
R: Set
RS: RingSig R
ϱ: val → R
a, b, y: val
op: Binop

denote op (ϱ a) (ϱ b) = denote op (ϱ a) (ϱ b)
done.
R: Set
RS: RingSig R
ϱ: val → R
x, a, b, y: val
op: Binop

x ≠ y → eval (map ϱ (Leaf val y)) = (ϱ .{[ x := denote op (ϱ a) (ϱ b)]}) y
R: Set
RS: RingSig R
ϱ: val → R
x, a, b, y: val
op: Binop
n: x ≠ y

eval (map ϱ (Leaf val y)) = (ϱ .{[ x := denote op (ϱ a) (ϱ b)]}) y
R: Set
RS: RingSig R
ϱ: val → R
x, a, b, y: val
op: Binop
n: x ≠ y

ϱ y = (ϱ .{[ x := denote op (ϱ a) (ϱ b)]}) y
rewrite overwrite_neq; done.
R: Set
RS: RingSig R
ϱ: val → R
x': val
op': Binop
a', b': val
K: list (val * node)
x, a, b: val
IHK: (y : val) (op : Binop), let ϑ := ϱ .{[ x := denote op (ϱ a) (ϱ b)]} in eval (map ϱ (Let (x, (op, a, b)) :: K .in y)) = eval (map ϑ (Let K .in y))

(y : val) (op : Binop), let ϑ := ϱ .{[ x := denote op (ϱ a) (ϱ b)]} in eval (map ϱ (Let (x, (op, a, b)) :: K ++ [(x', (op', a', b'))] .in y)) = eval (map ϑ (Let K ++ [(x', (op', a', b'))] .in y))
R: Set
RS: RingSig R
ϱ: val → R
x': val
op': Binop
a', b': val
K: list (val * node)
x, a, b: val
IHK: (y : val) (op : Binop), let ϑ := ϱ .{[ x := denote op (ϱ a) (ϱ b)]} in eval (map ϱ (Let (x, (op, a, b)) :: K .in y)) = eval (map ϑ (Let K .in y))

(y : val) (op : Binop), let ϑ := ϱ .{[ x := denote op (ϱ a) (ϱ b)]} in eval (map ϱ (Let (x, (op, a, b)) :: K ++ [(x', (op', a', b'))] .in y)) = eval (map ϑ (Let K ++ [(x', (op', a', b'))] .in y))
R: Set
RS: RingSig R
ϱ: val → R
x': val
op': Binop
a', b': val
K: list (val * node)
x, a, b: val
IHK: (y : val) (op : Binop), let ϑ := ϱ .{[ x := denote op (ϱ a) (ϱ b)]} in eval (map ϱ (Let (x, (op, a, b)) :: K .in y)) = eval (map ϑ (Let K .in y))
y: val
op: Binop

let ϑ := ϱ .{[ x := denote op (ϱ a) (ϱ b)]} in eval (map ϱ (Let (x, (op, a, b)) :: K ++ [(x', (op', a', b'))] .in y)) = eval (map ϑ (Let K ++ [(x', (op', a', b'))] .in y))
R: Set
RS: RingSig R
ϱ: val → R
x': val
op': Binop
a', b': val
K: list (val * node)
x, a, b: val
IHK: (y : val) (op : Binop), let ϑ := ϱ .{[ x := denote op (ϱ a) (ϱ b)]} in eval (map ϱ (Let (x, (op, a, b)) :: K .in y)) = eval (map ϑ (Let K .in y))
y: val
op: Binop

eval (map ϱ (Let (x, (op, a, b)) :: K ++ [(x', (op', a', b'))] .in y)) = eval (map (ϱ .{[ x := denote op (ϱ a) (ϱ b)]}) (Let K ++ [(x', (op', a', b'))] .in y))
R: Set
RS: RingSig R
ϱ: val → R
x': val
op': Binop
a', b': val
K: list (val * node)
x, a, b: val
IHK: (y : val) (op : Binop), let ϑ := ϱ .{[ x := denote op (ϱ a) (ϱ b)]} in eval (map ϱ (Let (x, (op, a, b)) :: K .in y)) = eval (map ϑ (Let K .in y))
y: val
op: Binop

eval (map ϱ (if decide (x' = y) then Node val op' (Let (x, (op, a, b)) :: K .in a') (Let (x, (op, a, b)) :: K .in b') else Let (x, (op, a, b)) :: K .in y)) = eval (map (ϱ .{[ x := denote op (ϱ a) (ϱ b)]}) (if decide (x' = y) then Node val op' (Let K .in a') (Let K .in b') else Let K .in y))
R: Set
RS: RingSig R
ϱ: val → R
x': val
op': Binop
a', b': val
K: list (val * node)
x, a, b: val
IHK: (y : val) (op : Binop), let ϑ := ϱ .{[ x := denote op (ϱ a) (ϱ b)]} in eval (map ϱ (Let (x, (op, a, b)) :: K .in y)) = eval (map ϑ (Let K .in y))
y: val
op: Binop

x' = y → eval (map ϱ (Node val op' (Let (x, (op, a, b)) :: K .in a') (Let (x, (op, a, b)) :: K .in b'))) = eval (map (ϱ .{[ x := denote op (ϱ a) (ϱ b)]}) (Node val op' (Let K .in a') (Let K .in b')))
R: Set
RS: RingSig R
ϱ: val → R
x': val
op': Binop
a', b': val
K: list (val * node)
x, a, b: val
IHK: (y : val) (op : Binop), let ϑ := ϱ .{[ x := denote op (ϱ a) (ϱ b)]} in eval (map ϱ (Let (x, (op, a, b)) :: K .in y)) = eval (map ϑ (Let K .in y))
y: val
op: Binop
x' ≠ y → eval (map ϱ (Let (x, (op, a, b)) :: K .in y)) = eval (map (ϱ .{[ x := denote op (ϱ a) (ϱ b)]}) (Let K .in y))
R: Set
RS: RingSig R
ϱ: val → R
x': val
op': Binop
a', b': val
K: list (val * node)
x, a, b: val
IHK: (y : val) (op : Binop), let ϑ := ϱ .{[ x := denote op (ϱ a) (ϱ b)]} in eval (map ϱ (Let (x, (op, a, b)) :: K .in y)) = eval (map ϑ (Let K .in y))
y: val
op: Binop

x' = y → eval (map ϱ (Node val op' (Let (x, (op, a, b)) :: K .in a') (Let (x, (op, a, b)) :: K .in b'))) = eval (map (ϱ .{[ x := denote op (ϱ a) (ϱ b)]}) (Node val op' (Let K .in a') (Let K .in b')))
R: Set
RS: RingSig R
ϱ: val → R
op': Binop
a', b': val
K: list (val * node)
x, a, b: val
IHK: (y : val) (op : Binop), let ϑ := ϱ .{[ x := denote op (ϱ a) (ϱ b)]} in eval (map ϱ (Let (x, (op, a, b)) :: K .in y)) = eval (map ϑ (Let K .in y))
y: val
op: Binop

eval (map ϱ (Node val op' (Let (x, (op, a, b)) :: K .in a') (Let (x, (op, a, b)) :: K .in b'))) = eval (map (ϱ .{[ x := denote op (ϱ a) (ϱ b)]}) (Node val op' (Let K .in a') (Let K .in b')))
R: Set
RS: RingSig R
ϱ: val → R
op': Binop
a', b': val
K: list (val * node)
x, a, b: val
IHK: (y : val) (op : Binop), let ϑ := ϱ .{[ x := denote op (ϱ a) (ϱ b)]} in eval (map ϱ (Let (x, (op, a, b)) :: K .in y)) = eval (map ϑ (Let K .in y))
y: val
op: Binop

denote op' (eval (map ϱ (Let (x, (op, a, b)) :: K .in a'))) (eval (map ϱ (Let (x, (op, a, b)) :: K .in b'))) = denote op' (eval (map (ϱ .{[ x := denote op (ϱ a) (ϱ b)]}) (Let K .in a'))) (eval (map (ϱ .{[ x := denote op (ϱ a) (ϱ b)]}) (Let K .in b')))
f_equal; apply IHK.
R: Set
RS: RingSig R
ϱ: val → R
x': val
op': Binop
a', b': val
K: list (val * node)
x, a, b: val
IHK: (y : val) (op : Binop), let ϑ := ϱ .{[ x := denote op (ϱ a) (ϱ b)]} in eval (map ϱ (Let (x, (op, a, b)) :: K .in y)) = eval (map ϑ (Let K .in y))
y: val
op: Binop

x' ≠ y → eval (map ϱ (Let (x, (op, a, b)) :: K .in y)) = eval (map (ϱ .{[ x := denote op (ϱ a) (ϱ b)]}) (Let K .in y))
R: Set
RS: RingSig R
ϱ: val → R
x': val
op': Binop
a', b': val
K: list (val * node)
x, a, b: val
IHK: (y : val) (op : Binop), let ϑ := ϱ .{[ x := denote op (ϱ a) (ϱ b)]} in eval (map ϱ (Let (x, (op, a, b)) :: K .in y)) = eval (map ϑ (Let K .in y))
y: val
op: Binop
n: x' ≠ y

eval (map ϱ (Let (x, (op, a, b)) :: K .in y)) = eval (map (ϱ .{[ x := denote op (ϱ a) (ϱ b)]}) (Let K .in y))
apply IHK. } Qed.
R: Set
RS: RingSig R
I: Set
e: Expr I

eval (map (λ i : I, Leaf I i) e) = e
R: Set
RS: RingSig R
I: Set
e: Expr I

eval (map (λ i : I, Leaf I i) e) = e
induction e as [| |j|[|]]; try done; by rewrite //= IHe1 IHe2. Qed. End eval. (** [diff]. *) Section diff. Context {I : Set} {EI : EqDecision I} {R : Set} {RS : RingSig R}.
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
i: I

ϱ : I → R, (∂ Leaf I i ./ ∂ i .at ϱ) = Iᵣ
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
i: I

ϱ : I → R, (∂ Leaf I i ./ ∂ i .at ϱ) = Iᵣ
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
i: I
ϱ: I → R

(∂ Leaf I i ./ ∂ i .at ϱ) = Iᵣ
by rewrite //= decide_True. Qed.
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
i, j: I

i = j → ϱ : I → R, (∂ Leaf I i ./ ∂ j .at ϱ) = Iᵣ
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
i, j: I

i = j → ϱ : I → R, (∂ Leaf I i ./ ∂ j .at ϱ) = Iᵣ
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
j: I

ϱ : I → R, (∂ Leaf I j ./ ∂ j .at ϱ) = Iᵣ
apply diff_leaf_eq. Qed.
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
i, j: I

i ≠ j → ϱ : I → R, (∂ Leaf I i ./ ∂ j .at ϱ) = Oᵣ
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
i, j: I

i ≠ j → ϱ : I → R, (∂ Leaf I i ./ ∂ j .at ϱ) = Oᵣ
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
i, j: I
H: i ≠ j
ϱ: I → R

(∂ Leaf I i ./ ∂ j .at ϱ) = Oᵣ
by rewrite //= decide_False. Qed.
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
ϱ: I → R
e, eⱼ: Expr I
i, j: I

let f := (λ i : I, Leaf I i) .{[ j := eⱼ]} in let ϑ := ϱ .{[ j := eval (map ϱ eⱼ)]} in i ≠ j → (∂ eⱼ ./ ∂ i .at ϱ) = Oᵣ → (∂ bind f e ./ ∂ i .at ϱ) = (∂ e ./ ∂ i .at ϑ)
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
ϱ: I → R
e, eⱼ: Expr I
i, j: I

let f := (λ i : I, Leaf I i) .{[ j := eⱼ]} in let ϑ := ϱ .{[ j := eval (map ϱ eⱼ)]} in i ≠ j → (∂ eⱼ ./ ∂ i .at ϱ) = Oᵣ → (∂ bind f e ./ ∂ i .at ϱ) = (∂ e ./ ∂ i .at ϑ)
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
ϱ: I → R
e, eⱼ: Expr I
i, j: I
f:= (λ i : I, Leaf I i) .{[ j := eⱼ]}: I → Expr I
ϑ:= ϱ .{[ j := eval (map ϱ eⱼ)]}: I → R
Hneq: i ≠ j
Hdiff: (∂ eⱼ ./ ∂ i .at ϱ) = Oᵣ

(∂ bind f e ./ ∂ i .at ϱ) = (∂ e ./ ∂ i .at ϑ)
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
ϱ: I → R
e, eⱼ: Expr I
i, j: I
f:= (λ i : I, Leaf I i) .{[ j := eⱼ]}: I → Expr I
ϑ:= ϱ .{[ j := eval (map ϱ eⱼ)]}: I → R
Hneq: i ≠ j
Hdiff: (∂ eⱼ ./ ∂ i .at ϱ) = Oᵣ

e : Expr I, eval (map ϱ (bind f e)) = eval (map ϑ e)
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
ϱ: I → R
e, eⱼ: Expr I
i, j: I
f:= (λ i : I, Leaf I i) .{[ j := eⱼ]}: I → Expr I
ϑ:= ϱ .{[ j := eval (map ϱ eⱼ)]}: I → R
Hneq: i ≠ j
Hdiff: (∂ eⱼ ./ ∂ i .at ϱ) = Oᵣ
Heval_bind: e : Expr I, eval (map ϱ (bind f e)) = eval (map ϑ e)
(∂ bind f e ./ ∂ i .at ϱ) = (∂ e ./ ∂ i .at ϑ)
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
ϱ: I → R
e, eⱼ: Expr I
i, j: I
f:= (λ i : I, Leaf I i) .{[ j := eⱼ]}: I → Expr I
ϑ:= ϱ .{[ j := eval (map ϱ eⱼ)]}: I → R
Hneq: i ≠ j
Hdiff: (∂ eⱼ ./ ∂ i .at ϱ) = Oᵣ

e : Expr I, eval (map ϱ (bind f e)) = eval (map ϑ e)
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
ϱ: I → R
eⱼ: Expr I
i, j: I
f:= (λ i : I, Leaf I i) .{[ j := eⱼ]}: I → Expr I
ϑ:= ϱ .{[ j := eval (map ϱ eⱼ)]}: I → R
Hneq: i ≠ j
Hdiff: (∂ eⱼ ./ ∂ i .at ϱ) = Oᵣ

e : Expr I, eval (map ϱ (bind f e)) = eval (map ϑ e)
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
ϱ: I → R
eⱼ: Expr I
i, j: I
f:= (λ i : I, Leaf I i) .{[ j := eⱼ]}: I → Expr I
ϑ:= ϱ .{[ j := eval (map ϱ eⱼ)]}: I → R
Hneq: i ≠ j
Hdiff: (∂ eⱼ ./ ∂ i .at ϱ) = Oᵣ
i': I

eval (map ϱ (f i')) = ϑ i'
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
ϱ: I → R
eⱼ: Expr I
i, j: I
f:= (λ i : I, Leaf I i) .{[ j := eⱼ]}: I → Expr I
ϑ:= ϱ .{[ j := eval (map ϱ eⱼ)]}: I → R
Hneq: i ≠ j
Hdiff: (∂ eⱼ ./ ∂ i .at ϱ) = Oᵣ
i': I

i' = j → eval (map ϱ (f i')) = ϑ i'
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
ϱ: I → R
eⱼ: Expr I
i, j: I
f:= (λ i : I, Leaf I i) .{[ j := eⱼ]}: I → Expr I
ϑ:= ϱ .{[ j := eval (map ϱ eⱼ)]}: I → R
Hneq: i ≠ j
Hdiff: (∂ eⱼ ./ ∂ i .at ϱ) = Oᵣ
i': I
i' ≠ j → eval (map ϱ (f i')) = ϑ i'
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
ϱ: I → R
eⱼ: Expr I
i, j: I
f:= (λ i : I, Leaf I i) .{[ j := eⱼ]}: I → Expr I
ϑ:= ϱ .{[ j := eval (map ϱ eⱼ)]}: I → R
Hneq: i ≠ j
Hdiff: (∂ eⱼ ./ ∂ i .at ϱ) = Oᵣ
i': I

i' = j → eval (map ϱ (f i')) = ϑ i'
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
ϱ: I → R
eⱼ: Expr I
i, j: I
f:= (λ i : I, Leaf I i) .{[ j := eⱼ]}: I → Expr I
ϑ:= ϱ .{[ j := eval (map ϱ eⱼ)]}: I → R
Hneq: i ≠ j
Hdiff: (∂ eⱼ ./ ∂ i .at ϱ) = Oᵣ

eval (map ϱ (f j)) = ϑ j
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
ϱ: I → R
eⱼ: Expr I
i, j: I
f:= (λ i : I, Leaf I i) .{[ j := eⱼ]}: I → Expr I
ϑ:= ϱ .{[ j := eval (map ϱ eⱼ)]}: I → R
Hneq: i ≠ j
Hdiff: (∂ eⱼ ./ ∂ i .at ϱ) = Oᵣ

eval (map ϱ (((λ i : I, Leaf I i) .{[ j := eⱼ]}) j)) = (ϱ .{[ j := eval (map ϱ eⱼ)]}) j
by rewrite !overwrite_eq.
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
ϱ: I → R
eⱼ: Expr I
i, j: I
f:= (λ i : I, Leaf I i) .{[ j := eⱼ]}: I → Expr I
ϑ:= ϱ .{[ j := eval (map ϱ eⱼ)]}: I → R
Hneq: i ≠ j
Hdiff: (∂ eⱼ ./ ∂ i .at ϱ) = Oᵣ
i': I

i' ≠ j → eval (map ϱ (f i')) = ϑ i'
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
ϱ: I → R
eⱼ: Expr I
i, j: I
f:= (λ i : I, Leaf I i) .{[ j := eⱼ]}: I → Expr I
ϑ:= ϱ .{[ j := eval (map ϱ eⱼ)]}: I → R
Hneq: i ≠ j
Hdiff: (∂ eⱼ ./ ∂ i .at ϱ) = Oᵣ
i': I
n: i' ≠ j

eval (map ϱ (f i')) = ϑ i'
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
ϱ: I → R
eⱼ: Expr I
i, j: I
f:= (λ i : I, Leaf I i) .{[ j := eⱼ]}: I → Expr I
ϑ:= ϱ .{[ j := eval (map ϱ eⱼ)]}: I → R
Hneq: i ≠ j
Hdiff: (∂ eⱼ ./ ∂ i .at ϱ) = Oᵣ
i': I
n: i' ≠ j

eval (map ϱ (((λ i : I, Leaf I i) .{[ j := eⱼ]}) i')) = (ϱ .{[ j := eval (map ϱ eⱼ)]}) i'
by rewrite !overwrite_neq.
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
ϱ: I → R
e, eⱼ: Expr I
i, j: I
f:= (λ i : I, Leaf I i) .{[ j := eⱼ]}: I → Expr I
ϑ:= ϱ .{[ j := eval (map ϱ eⱼ)]}: I → R
Hneq: i ≠ j
Hdiff: (∂ eⱼ ./ ∂ i .at ϱ) = Oᵣ
Heval_bind: e : Expr I, eval (map ϱ (bind f e)) = eval (map ϑ e)

(∂ bind f e ./ ∂ i .at ϱ) = (∂ e ./ ∂ i .at ϑ)
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
ϱ: I → R
i': I
eⱼ: Expr I
i, j: I
f:= (λ i : I, Leaf I i) .{[ j := eⱼ]}: I → Expr I
ϑ:= ϱ .{[ j := eval (map ϱ eⱼ)]}: I → R
Hneq: i ≠ j
Hdiff: (∂ eⱼ ./ ∂ i .at ϱ) = Oᵣ
Heval_bind: e : Expr I, eval (map ϱ (bind f e)) = eval (map ϑ e)

(∂ f i' ./ ∂ i .at ϱ) = (if decide (i = i') then Iᵣ else Oᵣ)
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
ϱ: I → R
i': I
eⱼ: Expr I
i, j: I
f:= (λ i : I, Leaf I i) .{[ j := eⱼ]}: I → Expr I
ϑ:= ϱ .{[ j := eval (map ϱ eⱼ)]}: I → R
Hneq: i ≠ j
Hdiff: (∂ eⱼ ./ ∂ i .at ϱ) = Oᵣ
Heval_bind: e : Expr I, eval (map ϱ (bind f e)) = eval (map ϑ e)

(∂ f i' ./ ∂ i .at ϱ) = (if decide (i = i') then Iᵣ else Oᵣ)
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
ϱ: I → R
i': I
eⱼ: Expr I
i, j: I
f:= (λ i : I, Leaf I i) .{[ j := eⱼ]}: I → Expr I
ϑ:= ϱ .{[ j := eval (map ϱ eⱼ)]}: I → R
Hneq: i ≠ j
Hdiff: (∂ eⱼ ./ ∂ i .at ϱ) = Oᵣ
Heval_bind: e : Expr I, eval (map ϱ (bind f e)) = eval (map ϑ e)

j = i' → (∂ f i' ./ ∂ i .at ϱ) = (if decide (i = i') then Iᵣ else Oᵣ)
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
ϱ: I → R
i': I
eⱼ: Expr I
i, j: I
f:= (λ i : I, Leaf I i) .{[ j := eⱼ]}: I → Expr I
ϑ:= ϱ .{[ j := eval (map ϱ eⱼ)]}: I → R
Hneq: i ≠ j
Hdiff: (∂ eⱼ ./ ∂ i .at ϱ) = Oᵣ
Heval_bind: e : Expr I, eval (map ϱ (bind f e)) = eval (map ϑ e)
j ≠ i' → (∂ f i' ./ ∂ i .at ϱ) = (if decide (i = i') then Iᵣ else Oᵣ)
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
ϱ: I → R
i': I
eⱼ: Expr I
i, j: I
f:= (λ i : I, Leaf I i) .{[ j := eⱼ]}: I → Expr I
ϑ:= ϱ .{[ j := eval (map ϱ eⱼ)]}: I → R
Hneq: i ≠ j
Hdiff: (∂ eⱼ ./ ∂ i .at ϱ) = Oᵣ
Heval_bind: e : Expr I, eval (map ϱ (bind f e)) = eval (map ϑ e)

j = i' → (∂ f i' ./ ∂ i .at ϱ) = (if decide (i = i') then Iᵣ else Oᵣ)
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
ϱ: I → R
i': I
eⱼ: Expr I
i: I
Hneq: i ≠ i'
ϑ:= ϱ .{[ i' := eval (map ϱ eⱼ)]}: I → R
f:= (λ i : I, Leaf I i) .{[ i' := eⱼ]}: I → Expr I
Hdiff: (∂ eⱼ ./ ∂ i .at ϱ) = Oᵣ
Heval_bind: e : Expr I, eval (map ϱ (bind f e)) = eval (map ϑ e)

(∂ f i' ./ ∂ i .at ϱ) = (if decide (i = i') then Iᵣ else Oᵣ)
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
ϱ: I → R
i': I
eⱼ: Expr I
i: I
Hneq: i ≠ i'
ϑ:= ϱ .{[ i' := eval (map ϱ eⱼ)]}: I → R
f:= (λ i : I, Leaf I i) .{[ i' := eⱼ]}: I → Expr I
Hdiff: (∂ eⱼ ./ ∂ i .at ϱ) = Oᵣ
Heval_bind: e : Expr I, eval (map ϱ (bind f e)) = eval (map ϑ e)

(∂ ((λ i : I, Leaf I i) .{[ i' := eⱼ]}) i' ./ ∂ i .at ϱ) = (if decide (i = i') then Iᵣ else Oᵣ)
by rewrite overwrite_eq Hdiff decide_False.
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
ϱ: I → R
i': I
eⱼ: Expr I
i, j: I
f:= (λ i : I, Leaf I i) .{[ j := eⱼ]}: I → Expr I
ϑ:= ϱ .{[ j := eval (map ϱ eⱼ)]}: I → R
Hneq: i ≠ j
Hdiff: (∂ eⱼ ./ ∂ i .at ϱ) = Oᵣ
Heval_bind: e : Expr I, eval (map ϱ (bind f e)) = eval (map ϑ e)

j ≠ i' → (∂ f i' ./ ∂ i .at ϱ) = (if decide (i = i') then Iᵣ else Oᵣ)
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
ϱ: I → R
i': I
eⱼ: Expr I
i, j: I
f:= (λ i : I, Leaf I i) .{[ j := eⱼ]}: I → Expr I
ϑ:= ϱ .{[ j := eval (map ϱ eⱼ)]}: I → R
Hneq: i ≠ j
Hdiff: (∂ eⱼ ./ ∂ i .at ϱ) = Oᵣ
Heval_bind: e : Expr I, eval (map ϱ (bind f e)) = eval (map ϑ e)
n: j ≠ i'

(∂ f i' ./ ∂ i .at ϱ) = (if decide (i = i') then Iᵣ else Oᵣ)
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
ϱ: I → R
i': I
eⱼ: Expr I
i, j: I
f:= (λ i : I, Leaf I i) .{[ j := eⱼ]}: I → Expr I
ϑ:= ϱ .{[ j := eval (map ϱ eⱼ)]}: I → R
Hneq: i ≠ j
Hdiff: (∂ eⱼ ./ ∂ i .at ϱ) = Oᵣ
Heval_bind: e : Expr I, eval (map ϱ (bind f e)) = eval (map ϑ e)
n: j ≠ i'

(∂ ((λ i : I, Leaf I i) .{[ j := eⱼ]}) i' ./ ∂ i .at ϱ) = (if decide (i = i') then Iᵣ else Oᵣ)
by rewrite overwrite_neq. } Qed.
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
ϱ: I → R
e: Expr I
i, j: I

let f := (λ i : I, Leaf I i) .{[ j := Oₑ]} in let ϑ := ϱ .{[ j := Oᵣ]} in i ≠ j → (∂ bind f e ./ ∂ i .at ϱ) = (∂ e ./ ∂ i .at ϑ)
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
ϱ: I → R
e: Expr I
i, j: I

let f := (λ i : I, Leaf I i) .{[ j := Oₑ]} in let ϑ := ϱ .{[ j := Oᵣ]} in i ≠ j → (∂ bind f e ./ ∂ i .at ϱ) = (∂ e ./ ∂ i .at ϑ)
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
ϱ: I → R
e: Expr I
i, j: I
f:= (λ i : I, Leaf I i) .{[ j := Oₑ]}: I → Expr I
ϑ:= ϱ .{[ j := Oᵣ]}: I → R
H: i ≠ j

(∂ bind f e ./ ∂ i .at ϱ) = (∂ e ./ ∂ i .at ϑ)
by rewrite diff_bind_overwrite_leaf_id; [simpl; fold ϑ| |]. Qed.
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
ϱ: I → R
e: Expr I
i, j: I

let f := (λ i : I, Leaf I i) .{[ j := Iₑ]} in let ϑ := ϱ .{[ j := Iᵣ]} in i ≠ j → (∂ bind f e ./ ∂ i .at ϱ) = (∂ e ./ ∂ i .at ϑ)
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
ϱ: I → R
e: Expr I
i, j: I

let f := (λ i : I, Leaf I i) .{[ j := Iₑ]} in let ϑ := ϱ .{[ j := Iᵣ]} in i ≠ j → (∂ bind f e ./ ∂ i .at ϱ) = (∂ e ./ ∂ i .at ϑ)
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
ϱ: I → R
e: Expr I
i, j: I
f:= (λ i : I, Leaf I i) .{[ j := Iₑ]}: I → Expr I
ϑ:= ϱ .{[ j := Iᵣ]}: I → R
H: i ≠ j

(∂ bind f e ./ ∂ i .at ϱ) = (∂ e ./ ∂ i .at ϑ)
by rewrite diff_bind_overwrite_leaf_id; [simpl; fold ϑ| |]. Qed.
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
CI: Countable I
ϱ, ϑ: I → R
e: Expr I
i: I

( j : I, j ∈ vars e → ϱ j = ϑ j) → (∂ e ./ ∂ i .at ϱ) = (∂ e ./ ∂ i .at ϑ)
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
CI: Countable I
ϱ, ϑ: I → R
e: Expr I
i: I

( j : I, j ∈ vars e → ϱ j = ϑ j) → (∂ e ./ ∂ i .at ϱ) = (∂ e ./ ∂ i .at ϑ)
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
CI: Countable I
ϱ, ϑ: I → R
e1, e2: Expr I
i: I
IHl: ( j : I, j ∈ vars e1 → ϱ j = ϑ j) → (∂ e1 ./ ∂ i .at ϱ) = (∂ e1 ./ ∂ i .at ϑ)
IHr: ( j : I, j ∈ vars e2 → ϱ j = ϑ j) → (∂ e2 ./ ∂ i .at ϱ) = (∂ e2 ./ ∂ i .at ϑ)

( j : I, j ∈ vars (e1 +ₑ e2) → ϱ j = ϑ j) → (∂ e1 +ₑ e2 ./ ∂ i .at ϱ) = (∂ e1 +ₑ e2 ./ ∂ i .at ϑ)
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
CI: Countable I
ϱ, ϑ: I → R
e1, e2: Expr I
i: I
IHl: ( j : I, j ∈ vars e1 → ϱ j = ϑ j) → (∂ e1 ./ ∂ i .at ϱ) = (∂ e1 ./ ∂ i .at ϑ)
IHr: ( j : I, j ∈ vars e2 → ϱ j = ϑ j) → (∂ e2 ./ ∂ i .at ϱ) = (∂ e2 ./ ∂ i .at ϑ)
( j : I, j ∈ vars (e1 ×ₑ e2) → ϱ j = ϑ j) → (∂ e1 ×ₑ e2 ./ ∂ i .at ϱ) = (∂ e1 ×ₑ e2 ./ ∂ i .at ϑ)
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
CI: Countable I
ϱ, ϑ: I → R
e1, e2: Expr I
i: I
IHl: ( j : I, j ∈ vars e1 → ϱ j = ϑ j) → (∂ e1 ./ ∂ i .at ϱ) = (∂ e1 ./ ∂ i .at ϑ)
IHr: ( j : I, j ∈ vars e2 → ϱ j = ϑ j) → (∂ e2 ./ ∂ i .at ϱ) = (∂ e2 ./ ∂ i .at ϑ)

( j : I, j ∈ vars (e1 +ₑ e2) → ϱ j = ϑ j) → (∂ e1 +ₑ e2 ./ ∂ i .at ϱ) = (∂ e1 +ₑ e2 ./ ∂ i .at ϑ)
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
CI: Countable I
ϱ, ϑ: I → R
e1, e2: Expr I
i: I
IHl: ( j : I, j ∈ vars e1 → ϱ j = ϑ j) → (∂ e1 ./ ∂ i .at ϱ) = (∂ e1 ./ ∂ i .at ϑ)
IHr: ( j : I, j ∈ vars e2 → ϱ j = ϑ j) → (∂ e2 ./ ∂ i .at ϱ) = (∂ e2 ./ ∂ i .at ϑ)
Hvars: j : I, j ∈ vars (e1 +ₑ e2) → ϱ j = ϑ j

(∂ e1 +ₑ e2 ./ ∂ i .at ϱ) = (∂ e1 +ₑ e2 ./ ∂ i .at ϑ)
rewrite //= IHl; [rewrite IHr; [done|]|]; set_solver.
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
CI: Countable I
ϱ, ϑ: I → R
e1, e2: Expr I
i: I
IHl: ( j : I, j ∈ vars e1 → ϱ j = ϑ j) → (∂ e1 ./ ∂ i .at ϱ) = (∂ e1 ./ ∂ i .at ϑ)
IHr: ( j : I, j ∈ vars e2 → ϱ j = ϑ j) → (∂ e2 ./ ∂ i .at ϱ) = (∂ e2 ./ ∂ i .at ϑ)

( j : I, j ∈ vars (e1 ×ₑ e2) → ϱ j = ϑ j) → (∂ e1 ×ₑ e2 ./ ∂ i .at ϱ) = (∂ e1 ×ₑ e2 ./ ∂ i .at ϑ)
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
CI: Countable I
ϱ, ϑ: I → R
e1, e2: Expr I
i: I
IHl: ( j : I, j ∈ vars e1 → ϱ j = ϑ j) → (∂ e1 ./ ∂ i .at ϱ) = (∂ e1 ./ ∂ i .at ϑ)
IHr: ( j : I, j ∈ vars e2 → ϱ j = ϑ j) → (∂ e2 ./ ∂ i .at ϱ) = (∂ e2 ./ ∂ i .at ϑ)

( j : I, j ∈ vars (e1 ×ₑ e2) → ϱ j = ϑ j) → (∂ e1 ×ₑ e2 ./ ∂ i .at ϱ) = (∂ e1 ×ₑ e2 ./ ∂ i .at ϑ)
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
CI: Countable I
ϱ, ϑ: I → R
e1, e2: Expr I
i: I
IHl: ( j : I, j ∈ vars e1 → ϱ j = ϑ j) → (∂ e1 ./ ∂ i .at ϱ) = (∂ e1 ./ ∂ i .at ϑ)
IHr: ( j : I, j ∈ vars e2 → ϱ j = ϑ j) → (∂ e2 ./ ∂ i .at ϱ) = (∂ e2 ./ ∂ i .at ϑ)
Hvars: j : I, j ∈ vars (e1 ×ₑ e2) → ϱ j = ϑ j

(∂ e1 ×ₑ e2 ./ ∂ i .at ϱ) = (∂ e1 ×ₑ e2 ./ ∂ i .at ϑ)
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
CI: Countable I
ϱ, ϑ: I → R
e1, e2: Expr I
i: I
IHl: ( j : I, j ∈ vars e1 → ϱ j = ϑ j) → (∂ e1 ./ ∂ i .at ϱ) = (∂ e1 ./ ∂ i .at ϑ)
IHr: ( j : I, j ∈ vars e2 → ϱ j = ϑ j) → (∂ e2 ./ ∂ i .at ϱ) = (∂ e2 ./ ∂ i .at ϑ)
Hvars: j : I, j ∈ vars (e1 ×ₑ e2) → ϱ j = ϑ j

((∂ e1 ./ ∂ i .at ϑ) ×ᵣ eval (map ϱ e2) +ᵣ eval (map ϱ e1) ×ᵣ (∂ e2 ./ ∂ i .at ϑ)) = ((∂ e1 ./ ∂ i .at ϑ) ×ᵣ eval (map ϑ e2) +ᵣ eval (map ϑ e1) ×ᵣ (∂ e2 ./ ∂ i .at ϑ))
rewrite !(map_strong_ext ϱ ϑ); [done| |]; set_solver. } Qed.
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
ϱ, ϑ: I → R
e: Expr I
i: I

( j : I, ϱ j = ϑ j) → (∂ e ./ ∂ i .at ϱ) = (∂ e ./ ∂ i .at ϑ)
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
ϱ, ϑ: I → R
e: Expr I
i: I

( j : I, ϱ j = ϑ j) → (∂ e ./ ∂ i .at ϱ) = (∂ e ./ ∂ i .at ϑ)
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
ϱ, ϑ: I → R
e: Expr I
i: I
Hext: j : I, ϱ j = ϑ j

(∂ e ./ ∂ i .at ϱ) = (∂ e ./ ∂ i .at ϑ)
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
ϱ, ϑ: I → R
e1, e2: Expr I
i: I
Hext: j : I, ϱ j = ϑ j
IHl: (∂ e1 ./ ∂ i .at ϱ) = (∂ e1 ./ ∂ i .at ϑ)
IHr: (∂ e2 ./ ∂ i .at ϱ) = (∂ e2 ./ ∂ i .at ϑ)

(∂ e1 +ₑ e2 ./ ∂ i .at ϱ) = (∂ e1 +ₑ e2 ./ ∂ i .at ϑ)
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
ϱ, ϑ: I → R
e1, e2: Expr I
i: I
Hext: j : I, ϱ j = ϑ j
IHl: (∂ e1 ./ ∂ i .at ϱ) = (∂ e1 ./ ∂ i .at ϑ)
IHr: (∂ e2 ./ ∂ i .at ϱ) = (∂ e2 ./ ∂ i .at ϑ)
(∂ e1 ×ₑ e2 ./ ∂ i .at ϱ) = (∂ e1 ×ₑ e2 ./ ∂ i .at ϑ)
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
ϱ, ϑ: I → R
e1, e2: Expr I
i: I
Hext: j : I, ϱ j = ϑ j
IHl: (∂ e1 ./ ∂ i .at ϱ) = (∂ e1 ./ ∂ i .at ϑ)
IHr: (∂ e2 ./ ∂ i .at ϱ) = (∂ e2 ./ ∂ i .at ϑ)

(∂ e1 +ₑ e2 ./ ∂ i .at ϱ) = (∂ e1 +ₑ e2 ./ ∂ i .at ϑ)
by rewrite //= IHl IHr.
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
ϱ, ϑ: I → R
e1, e2: Expr I
i: I
Hext: j : I, ϱ j = ϑ j
IHl: (∂ e1 ./ ∂ i .at ϱ) = (∂ e1 ./ ∂ i .at ϑ)
IHr: (∂ e2 ./ ∂ i .at ϱ) = (∂ e2 ./ ∂ i .at ϑ)

(∂ e1 ×ₑ e2 ./ ∂ i .at ϱ) = (∂ e1 ×ₑ e2 ./ ∂ i .at ϑ)
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
ϱ, ϑ: I → R
e1, e2: Expr I
i: I
Hext: j : I, ϱ j = ϑ j
IHl: (∂ e1 ./ ∂ i .at ϱ) = (∂ e1 ./ ∂ i .at ϑ)
IHr: (∂ e2 ./ ∂ i .at ϱ) = (∂ e2 ./ ∂ i .at ϑ)

(∂ e1 ×ₑ e2 ./ ∂ i .at ϱ) = (∂ e1 ×ₑ e2 ./ ∂ i .at ϑ)
by rewrite //= IHl IHr !(map_ext ϱ ϑ). } Qed.
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
CI: Countable I
J: Set
EJ: EqDecision J
ϱ: I → J
ϑ: J → R
e: Expr I
i: I

( j : I, j ∈ vars e → ϱ i = ϱ j → i = j) → (∂ map ϱ e ./ ∂ ϱ i .at ϑ) = (∂ e ./ ∂ i .at ϑ ∘ ϱ)
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
CI: Countable I
J: Set
EJ: EqDecision J
ϱ: I → J
ϑ: J → R
e: Expr I
i: I

( j : I, j ∈ vars e → ϱ i = ϱ j → i = j) → (∂ map ϱ e ./ ∂ ϱ i .at ϑ) = (∂ e ./ ∂ i .at ϑ ∘ ϱ)
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
CI: Countable I
J: Set
EJ: EqDecision J
ϱ: I → J
ϑ: J → R
j, i: I

( j0 : I, j0 ∈ vars (Leaf I j) → ϱ i = ϱ j0 → i = j0) → (∂ map ϱ (Leaf I j) ./ ∂ ϱ i .at ϑ) = (∂ Leaf I j ./ ∂ i .at ϑ ∘ ϱ)
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
CI: Countable I
J: Set
EJ: EqDecision J
ϱ: I → J
ϑ: J → R
el, er: Expr I
i: I
IHel: ( j : I, j ∈ vars el → ϱ i = ϱ j → i = j) → (∂ map ϱ el ./ ∂ ϱ i .at ϑ) = (∂ el ./ ∂ i .at ϑ ∘ ϱ)
IHer: ( j : I, j ∈ vars er → ϱ i = ϱ j → i = j) → (∂ map ϱ er ./ ∂ ϱ i .at ϑ) = (∂ er ./ ∂ i .at ϑ ∘ ϱ)
( j : I, j ∈ vars (el +ₑ er) → ϱ i = ϱ j → i = j) → (∂ map ϱ (el +ₑ er) ./ ∂ ϱ i .at ϑ) = (∂ el +ₑ er ./ ∂ i .at ϑ ∘ ϱ)
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
CI: Countable I
J: Set
EJ: EqDecision J
ϱ: I → J
ϑ: J → R
el, er: Expr I
i: I
IHel: ( j : I, j ∈ vars el → ϱ i = ϱ j → i = j) → (∂ map ϱ el ./ ∂ ϱ i .at ϑ) = (∂ el ./ ∂ i .at ϑ ∘ ϱ)
IHer: ( j : I, j ∈ vars er → ϱ i = ϱ j → i = j) → (∂ map ϱ er ./ ∂ ϱ i .at ϑ) = (∂ er ./ ∂ i .at ϑ ∘ ϱ)
( j : I, j ∈ vars (el ×ₑ er) → ϱ i = ϱ j → i = j) → (∂ map ϱ (el ×ₑ er) ./ ∂ ϱ i .at ϑ) = (∂ el ×ₑ er ./ ∂ i .at ϑ ∘ ϱ)
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
CI: Countable I
J: Set
EJ: EqDecision J
ϱ: I → J
ϑ: J → R
j, i: I

( j0 : I, j0 ∈ vars (Leaf I j) → ϱ i = ϱ j0 → i = j0) → (∂ map ϱ (Leaf I j) ./ ∂ ϱ i .at ϑ) = (∂ Leaf I j ./ ∂ i .at ϑ ∘ ϱ)
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
CI: Countable I
J: Set
EJ: EqDecision J
ϱ: I → J
ϑ: J → R
j, i: I
: j0 : I, j0 ∈ vars (Leaf I j) → ϱ i = ϱ j0 → i = j0

(∂ map ϱ (Leaf I j) ./ ∂ ϱ i .at ϑ) = (∂ Leaf I j ./ ∂ i .at ϑ ∘ ϱ)
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
CI: Countable I
J: Set
EJ: EqDecision J
ϱ: I → J
ϑ: J → R
j, i: I
: j0 : I, j0 ∈ vars (Leaf I j) → ϱ i = ϱ j0 → i = j0

(if decide (ϱ i = ϱ j) then Iᵣ else Oᵣ) = (if decide (i = j) then Iᵣ else Oᵣ)
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
CI: Countable I
J: Set
EJ: EqDecision J
ϱ: I → J
ϑ: J → R
j, i: I
: j0 : I, j0 ∈ vars (Leaf I j) → ϱ i = ϱ j0 → i = j0

ϱ i = ϱ j → Iᵣ = (if decide (i = j) then Iᵣ else Oᵣ)
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
CI: Countable I
J: Set
EJ: EqDecision J
ϱ: I → J
ϑ: J → R
j, i: I
: j0 : I, j0 ∈ vars (Leaf I j) → ϱ i = ϱ j0 → i = j0
ϱ i ≠ ϱ j → Oᵣ = (if decide (i = j) then Iᵣ else Oᵣ)
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
CI: Countable I
J: Set
EJ: EqDecision J
ϱ: I → J
ϑ: J → R
j, i: I
: j0 : I, j0 ∈ vars (Leaf I j) → ϱ i = ϱ j0 → i = j0

ϱ i = ϱ j → Iᵣ = (if decide (i = j) then Iᵣ else Oᵣ)
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
CI: Countable I
J: Set
EJ: EqDecision J
ϱ: I → J
ϑ: J → R
j, i: I
: j0 : I, j0 ∈ vars (Leaf I j) → ϱ i = ϱ j0 → i = j0
Heq: ϱ i = ϱ j

Iᵣ = (if decide (i = j) then Iᵣ else Oᵣ)
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
CI: Countable I
J: Set
EJ: EqDecision J
ϱ: I → J
ϑ: J → R
j, i: I
: j0 : I, j0 ∈ vars (Leaf I j) → ϱ i = ϱ j0 → i = j0
Heq: ϱ i = ϱ j

Iᵣ = (if decide (j = j) then Iᵣ else Oᵣ)
by rewrite decide_True.
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
CI: Countable I
J: Set
EJ: EqDecision J
ϱ: I → J
ϑ: J → R
j, i: I
: j0 : I, j0 ∈ vars (Leaf I j) → ϱ i = ϱ j0 → i = j0

ϱ i ≠ ϱ j → Oᵣ = (if decide (i = j) then Iᵣ else Oᵣ)
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
CI: Countable I
J: Set
EJ: EqDecision J
ϱ: I → J
ϑ: J → R
j, i: I
: j0 : I, j0 ∈ vars (Leaf I j) → ϱ i = ϱ j0 → i = j0

i = j → ϱ i ≠ ϱ j → Oᵣ = Iᵣ
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
CI: Countable I
J: Set
EJ: EqDecision J
ϱ: I → J
ϑ: J → R
j: I
: j0 : I, j0 ∈ vars (Leaf I j) → ϱ j = ϱ j0 → j = j0

ϱ j ≠ ϱ j → Oᵣ = Iᵣ
contradiction.
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
CI: Countable I
J: Set
EJ: EqDecision J
ϱ: I → J
ϑ: J → R
el, er: Expr I
i: I
IHel: ( j : I, j ∈ vars el → ϱ i = ϱ j → i = j) → (∂ map ϱ el ./ ∂ ϱ i .at ϑ) = (∂ el ./ ∂ i .at ϑ ∘ ϱ)
IHer: ( j : I, j ∈ vars er → ϱ i = ϱ j → i = j) → (∂ map ϱ er ./ ∂ ϱ i .at ϑ) = (∂ er ./ ∂ i .at ϑ ∘ ϱ)

( j : I, j ∈ vars (el +ₑ er) → ϱ i = ϱ j → i = j) → (∂ map ϱ (el +ₑ er) ./ ∂ ϱ i .at ϑ) = (∂ el +ₑ er ./ ∂ i .at ϑ ∘ ϱ)
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
CI: Countable I
J: Set
EJ: EqDecision J
ϱ: I → J
ϑ: J → R
el, er: Expr I
i: I
IHel: ( j : I, j ∈ vars el → ϱ i = ϱ j → i = j) → (∂ map ϱ el ./ ∂ ϱ i .at ϑ) = (∂ el ./ ∂ i .at ϑ ∘ ϱ)
IHer: ( j : I, j ∈ vars er → ϱ i = ϱ j → i = j) → (∂ map ϱ er ./ ∂ ϱ i .at ϑ) = (∂ er ./ ∂ i .at ϑ ∘ ϱ)
( j : I, j ∈ vars (el ×ₑ er) → ϱ i = ϱ j → i = j) → (∂ map ϱ (el ×ₑ er) ./ ∂ ϱ i .at ϑ) = (∂ el ×ₑ er ./ ∂ i .at ϑ ∘ ϱ)
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
CI: Countable I
J: Set
EJ: EqDecision J
ϱ: I → J
ϑ: J → R
el, er: Expr I
i: I
IHel: ( j : I, j ∈ vars el → ϱ i = ϱ j → i = j) → (∂ map ϱ el ./ ∂ ϱ i .at ϑ) = (∂ el ./ ∂ i .at ϑ ∘ ϱ)
IHer: ( j : I, j ∈ vars er → ϱ i = ϱ j → i = j) → (∂ map ϱ er ./ ∂ ϱ i .at ϑ) = (∂ er ./ ∂ i .at ϑ ∘ ϱ)

( j : I, j ∈ vars (el +ₑ er) → ϱ i = ϱ j → i = j) → (∂ map ϱ (el +ₑ er) ./ ∂ ϱ i .at ϑ) = (∂ el +ₑ er ./ ∂ i .at ϑ ∘ ϱ)
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
CI: Countable I
J: Set
EJ: EqDecision J
ϱ: I → J
ϑ: J → R
el, er: Expr I
i: I
IHel: ( j : I, j ∈ vars el → ϱ i = ϱ j → i = j) → (∂ map ϱ el ./ ∂ ϱ i .at ϑ) = (∂ el ./ ∂ i .at ϑ ∘ ϱ)
IHer: ( j : I, j ∈ vars er → ϱ i = ϱ j → i = j) → (∂ map ϱ er ./ ∂ ϱ i .at ϑ) = (∂ er ./ ∂ i .at ϑ ∘ ϱ)
H: j : I, j ∈ vars (el +ₑ er) → ϱ i = ϱ j → i = j

(∂ map ϱ (el +ₑ er) ./ ∂ ϱ i .at ϑ) = (∂ el +ₑ er ./ ∂ i .at ϑ ∘ ϱ)
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
CI: Countable I
J: Set
EJ: EqDecision J
ϱ: I → J
ϑ: J → R
el, er: Expr I
i: I
IHel: ( j : I, j ∈ vars el → ϱ i = ϱ j → i = j) → (∂ map ϱ el ./ ∂ ϱ i .at ϑ) = (∂ el ./ ∂ i .at ϑ ∘ ϱ)
IHer: ( j : I, j ∈ vars er → ϱ i = ϱ j → i = j) → (∂ map ϱ er ./ ∂ ϱ i .at ϑ) = (∂ er ./ ∂ i .at ϑ ∘ ϱ)
H: j : I, j ∈ vars (el +ₑ er) → ϱ i = ϱ j → i = j

((∂ el ./ ∂ i .at ϑ ∘ ϱ) +ᵣ (∂ map ϱ er ./ ∂ ϱ i .at ϑ)) = ((∂ el ./ ∂ i .at ϑ ∘ ϱ) +ᵣ (∂ er ./ ∂ i .at ϑ ∘ ϱ))
by rewrite IHer; [|set_solver].
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
CI: Countable I
J: Set
EJ: EqDecision J
ϱ: I → J
ϑ: J → R
el, er: Expr I
i: I
IHel: ( j : I, j ∈ vars el → ϱ i = ϱ j → i = j) → (∂ map ϱ el ./ ∂ ϱ i .at ϑ) = (∂ el ./ ∂ i .at ϑ ∘ ϱ)
IHer: ( j : I, j ∈ vars er → ϱ i = ϱ j → i = j) → (∂ map ϱ er ./ ∂ ϱ i .at ϑ) = (∂ er ./ ∂ i .at ϑ ∘ ϱ)

( j : I, j ∈ vars (el ×ₑ er) → ϱ i = ϱ j → i = j) → (∂ map ϱ (el ×ₑ er) ./ ∂ ϱ i .at ϑ) = (∂ el ×ₑ er ./ ∂ i .at ϑ ∘ ϱ)
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
CI: Countable I
J: Set
EJ: EqDecision J
ϱ: I → J
ϑ: J → R
el, er: Expr I
i: I
IHel: ( j : I, j ∈ vars el → ϱ i = ϱ j → i = j) → (∂ map ϱ el ./ ∂ ϱ i .at ϑ) = (∂ el ./ ∂ i .at ϑ ∘ ϱ)
IHer: ( j : I, j ∈ vars er → ϱ i = ϱ j → i = j) → (∂ map ϱ er ./ ∂ ϱ i .at ϑ) = (∂ er ./ ∂ i .at ϑ ∘ ϱ)

( j : I, j ∈ vars (el ×ₑ er) → ϱ i = ϱ j → i = j) → (∂ map ϱ (el ×ₑ er) ./ ∂ ϱ i .at ϑ) = (∂ el ×ₑ er ./ ∂ i .at ϑ ∘ ϱ)
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
CI: Countable I
J: Set
EJ: EqDecision J
ϱ: I → J
ϑ: J → R
el, er: Expr I
i: I
IHel: ( j : I, j ∈ vars el → ϱ i = ϱ j → i = j) → (∂ map ϱ el ./ ∂ ϱ i .at ϑ) = (∂ el ./ ∂ i .at ϑ ∘ ϱ)
IHer: ( j : I, j ∈ vars er → ϱ i = ϱ j → i = j) → (∂ map ϱ er ./ ∂ ϱ i .at ϑ) = (∂ er ./ ∂ i .at ϑ ∘ ϱ)
H: j : I, j ∈ vars (el ×ₑ er) → ϱ i = ϱ j → i = j

(∂ map ϱ (el ×ₑ er) ./ ∂ ϱ i .at ϑ) = (∂ el ×ₑ er ./ ∂ i .at ϑ ∘ ϱ)
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
CI: Countable I
J: Set
EJ: EqDecision J
ϱ: I → J
ϑ: J → R
el, er: Expr I
i: I
IHel: ( j : I, j ∈ vars el → ϱ i = ϱ j → i = j) → (∂ map ϱ el ./ ∂ ϱ i .at ϑ) = (∂ el ./ ∂ i .at ϑ ∘ ϱ)
IHer: ( j : I, j ∈ vars er → ϱ i = ϱ j → i = j) → (∂ map ϱ er ./ ∂ ϱ i .at ϑ) = (∂ er ./ ∂ i .at ϑ ∘ ϱ)
H: j : I, j ∈ vars (el ×ₑ er) → ϱ i = ϱ j → i = j

((∂ el ./ ∂ i .at ϑ ∘ ϱ) ×ᵣ eval (map ϑ (map ϱ er)) +ᵣ eval (map ϑ (map ϱ el)) ×ᵣ (∂ map ϱ er ./ ∂ ϱ i .at ϑ)) = ((∂ el ./ ∂ i .at ϑ ∘ ϱ) ×ᵣ eval (map (ϑ ∘ ϱ) er) +ᵣ eval (map (ϑ ∘ ϱ) el) ×ᵣ (∂ er ./ ∂ i .at ϑ ∘ ϱ))
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
CI: Countable I
J: Set
EJ: EqDecision J
ϱ: I → J
ϑ: J → R
el, er: Expr I
i: I
IHel: ( j : I, j ∈ vars el → ϱ i = ϱ j → i = j) → (∂ map ϱ el ./ ∂ ϱ i .at ϑ) = (∂ el ./ ∂ i .at ϑ ∘ ϱ)
IHer: ( j : I, j ∈ vars er → ϱ i = ϱ j → i = j) → (∂ map ϱ er ./ ∂ ϱ i .at ϑ) = (∂ er ./ ∂ i .at ϑ ∘ ϱ)
H: j : I, j ∈ vars (el ×ₑ er) → ϱ i = ϱ j → i = j

((∂ el ./ ∂ i .at ϑ ∘ ϱ) ×ᵣ eval (map ϑ (map ϱ er)) +ᵣ eval (map ϑ (map ϱ el)) ×ᵣ (∂ er ./ ∂ i .at ϑ ∘ ϱ)) = ((∂ el ./ ∂ i .at ϑ ∘ ϱ) ×ᵣ eval (map (ϑ ∘ ϱ) er) +ᵣ eval (map (ϑ ∘ ϱ) el) ×ᵣ (∂ er ./ ∂ i .at ϑ ∘ ϱ))
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
CI: Countable I
J: Set
EJ: EqDecision J
ϱ: I → J
ϑ: J → R
el, er: Expr I
i: I
IHel: ( j : I, j ∈ vars el → ϱ i = ϱ j → i = j) → (∂ map ϱ el ./ ∂ ϱ i .at ϑ) = (∂ el ./ ∂ i .at ϑ ∘ ϱ)
IHer: ( j : I, j ∈ vars er → ϱ i = ϱ j → i = j) → (∂ map ϱ er ./ ∂ ϱ i .at ϑ) = (∂ er ./ ∂ i .at ϑ ∘ ϱ)
H: j : I, j ∈ vars (el ×ₑ er) → ϱ i = ϱ j → i = j

((∂ el ./ ∂ i .at ϑ ∘ ϱ) ×ᵣ eval (map ϑ (map ϱ er)) +ᵣ eval (map ϑ (map ϱ el)) ×ᵣ (∂ er ./ ∂ i .at ϑ ∘ ϱ)) = ((∂ el ./ ∂ i .at ϑ ∘ ϱ) ×ᵣ eval (map ϑ (map ϱ er)) +ᵣ eval (map ϑ (map ϱ el)) ×ᵣ (∂ er ./ ∂ i .at ϑ ∘ ϱ))
done. } Qed.
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
e: Expr I
i: I
r: R

eval (map (λ _ : I, r) (∂ e ./ ∂ i .at (λ j : I, Leaf I j))) = (∂ e ./ ∂ i .at (λ _ : I, r))
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
e: Expr I
i: I
r: R

eval (map (λ _ : I, r) (∂ e ./ ∂ i .at (λ j : I, Leaf I j))) = (∂ e ./ ∂ i .at (λ _ : I, r))
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
j, i: I
r: R

eval (map (λ _ : I, r) (∂ Leaf I j ./ ∂ i .at (λ j : I, Leaf I j))) = (∂ Leaf I j ./ ∂ i .at (λ _ : I, r))
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
e1, e2: Expr I
i: I
r: R
IHe1: eval (map (λ _ : I, r) (∂ e1 ./ ∂ i .at (λ j : I, Leaf I j))) = (∂ e1 ./ ∂ i .at (λ _ : I, r))
IHe2: eval (map (λ _ : I, r) (∂ e2 ./ ∂ i .at (λ j : I, Leaf I j))) = (∂ e2 ./ ∂ i .at (λ _ : I, r))
eval (map (λ _ : I, r) (∂ e1 +ₑ e2 ./ ∂ i .at (λ j : I, Leaf I j))) = (∂ e1 +ₑ e2 ./ ∂ i .at (λ _ : I, r))
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
e1, e2: Expr I
i: I
r: R
IHe1: eval (map (λ _ : I, r) (∂ e1 ./ ∂ i .at (λ j : I, Leaf I j))) = (∂ e1 ./ ∂ i .at (λ _ : I, r))
IHe2: eval (map (λ _ : I, r) (∂ e2 ./ ∂ i .at (λ j : I, Leaf I j))) = (∂ e2 ./ ∂ i .at (λ _ : I, r))
eval (map (λ _ : I, r) (∂ e1 ×ₑ e2 ./ ∂ i .at (λ j : I, Leaf I j))) = (∂ e1 ×ₑ e2 ./ ∂ i .at (λ _ : I, r))
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
j, i: I
r: R

eval (map (λ _ : I, r) (∂ Leaf I j ./ ∂ i .at (λ j : I, Leaf I j))) = (∂ Leaf I j ./ ∂ i .at (λ _ : I, r))
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
j, i: I
r: R

eval (map (λ _ : I, r) (if decide (i = j) then Iₑ else Oₑ)) = (if decide (i = j) then Iᵣ else Oᵣ)
by case (decide (i = j)).
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
e1, e2: Expr I
i: I
r: R
IHe1: eval (map (λ _ : I, r) (∂ e1 ./ ∂ i .at (λ j : I, Leaf I j))) = (∂ e1 ./ ∂ i .at (λ _ : I, r))
IHe2: eval (map (λ _ : I, r) (∂ e2 ./ ∂ i .at (λ j : I, Leaf I j))) = (∂ e2 ./ ∂ i .at (λ _ : I, r))

eval (map (λ _ : I, r) (∂ e1 +ₑ e2 ./ ∂ i .at (λ j : I, Leaf I j))) = (∂ e1 +ₑ e2 ./ ∂ i .at (λ _ : I, r))
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
e1, e2: Expr I
i: I
r: R
IHe1: eval (map (λ _ : I, r) (∂ e1 ./ ∂ i .at (λ j : I, Leaf I j))) = (∂ e1 ./ ∂ i .at (λ _ : I, r))
IHe2: eval (map (λ _ : I, r) (∂ e2 ./ ∂ i .at (λ j : I, Leaf I j))) = (∂ e2 ./ ∂ i .at (λ _ : I, r))
eval (map (λ _ : I, r) (∂ e1 ×ₑ e2 ./ ∂ i .at (λ j : I, Leaf I j))) = (∂ e1 ×ₑ e2 ./ ∂ i .at (λ _ : I, r))
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
e1, e2: Expr I
i: I
r: R
IHe1: eval (map (λ _ : I, r) (∂ e1 ./ ∂ i .at (λ j : I, Leaf I j))) = (∂ e1 ./ ∂ i .at (λ _ : I, r))
IHe2: eval (map (λ _ : I, r) (∂ e2 ./ ∂ i .at (λ j : I, Leaf I j))) = (∂ e2 ./ ∂ i .at (λ _ : I, r))

eval (map (λ _ : I, r) (∂ e1 +ₑ e2 ./ ∂ i .at (λ j : I, Leaf I j))) = (∂ e1 +ₑ e2 ./ ∂ i .at (λ _ : I, r))
by rewrite //= IHe1 IHe2.
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
e1, e2: Expr I
i: I
r: R
IHe1: eval (map (λ _ : I, r) (∂ e1 ./ ∂ i .at (λ j : I, Leaf I j))) = (∂ e1 ./ ∂ i .at (λ _ : I, r))
IHe2: eval (map (λ _ : I, r) (∂ e2 ./ ∂ i .at (λ j : I, Leaf I j))) = (∂ e2 ./ ∂ i .at (λ _ : I, r))

eval (map (λ _ : I, r) (∂ e1 ×ₑ e2 ./ ∂ i .at (λ j : I, Leaf I j))) = (∂ e1 ×ₑ e2 ./ ∂ i .at (λ _ : I, r))
I: Set
EI: EqDecision I
R: Set
RS: RingSig R
e1, e2: Expr I
i: I
r: R
IHe1: eval (map (λ _ : I, r) (∂ e1 ./ ∂ i .at (λ j : I, Leaf I j))) = (∂ e1 ./ ∂ i .at (λ _ : I, r))
IHe2: eval (map (λ _ : I, r) (∂ e2 ./ ∂ i .at (λ j : I, Leaf I j))) = (∂ e2 ./ ∂ i .at (λ _ : I, r))

eval (map (λ _ : I, r) (∂ e1 ×ₑ e2 ./ ∂ i .at (λ j : I, Leaf I j))) = (∂ e1 ×ₑ e2 ./ ∂ i .at (λ _ : I, r))
by rewrite //= IHe1 IHe2 !eval_trivial. } Qed. End diff. Section univariate_expr.
e: Expr ()

eval (map (λ _ : (), Xₑ) e) = e
e: Expr ()

eval (map (λ _ : (), Xₑ) e) = e
e: Expr ()
e':= ?e': Expr ()

eval (map (λ _ : (), Xₑ) e) = e
e: Expr ()
e':= eval (map (λ i : (), Leaf () i) e): Expr ()

eval (map (λ _ : (), Xₑ) e) = eval (map (λ i : (), Leaf () i) e)
e: Expr ()
e':= eval (map (λ i : (), Leaf () i) e): Expr ()

map (λ _ : (), Xₑ) e = map (λ i : (), Leaf () i) e
e: Expr ()
e':= eval (map (λ i : (), Leaf () i) e): Expr ()

i : (), Xₑ = Leaf () i
by intros (). Qed.
R: Set
RS: RingSig R
e: Expr ()
r: R

eval (map (λ _ : (), r) (∂ e ./ ∂ () .at (λ _ : (), Xₑ))) = (∂ e ./ ∂ () .at (λ _ : (), r))
R: Set
RS: RingSig R
e: Expr ()
r: R

eval (map (λ _ : (), r) (∂ e ./ ∂ () .at (λ _ : (), Xₑ))) = (∂ e ./ ∂ () .at (λ _ : (), r))
R: Set
RS: RingSig R
e: Expr ()
r: R
s:= ?s: R

eval (map (λ _ : (), r) (∂ e ./ ∂ () .at (λ _ : (), Xₑ))) = (∂ e ./ ∂ () .at (λ _ : (), r))
R: Set
RS: RingSig R
e: Expr ()
r: R
s:= eval (map (λ _ : (), r) (∂ e ./ ∂ () .at (λ j : (), Leaf () j))): R

eval (map (λ _ : (), r) (∂ e ./ ∂ () .at (λ _ : (), Xₑ))) = eval (map (λ _ : (), r) (∂ e ./ ∂ () .at (λ j : (), Leaf () j)))
R: Set
RS: RingSig R
e: Expr ()
r: R
s:= eval (map (λ _ : (), r) (∂ e ./ ∂ () .at (λ j : (), Leaf () j))): R

(∂ e ./ ∂ () .at (λ _ : (), Xₑ)) = (∂ e ./ ∂ () .at (λ j : (), Leaf () j))
R: Set
RS: RingSig R
e: Expr ()
r: R
s:= eval (map (λ _ : (), r) (∂ e ./ ∂ () .at (λ j : (), Leaf () j))): R

j : (), Xₑ = Leaf () j
by intros (). Qed. End univariate_expr. Section proofs_using_ring_tactic. Context {R : Set} {RS : RingSig R} {RA : IsRing R}. Add Ring LocalRing : is_semi_ring.
R: Set
RS: RingSig R
RA: IsRing R
ϱ: val → R
K: context
x: val
op: Binop
a, b, y, u: val

let ϑ := ϱ .{[ x := denote op (ϱ a) (ϱ b)]} in let a_b := Node val op (Leaf val a) (Leaf val b) in x ≠ u → (∂ Let (x, (op, a, b)) :: K .in y ./ ∂ u .at ϱ) =ᵣ ((∂ Let K .in y ./ ∂ u .at ϑ) +ᵣ (∂ Let K .in y ./ ∂ x .at ϑ) ×ᵣ (∂ a_b ./ ∂ u .at ϱ))
R: Set
RS: RingSig R
RA: IsRing R
ϱ: val → R
K: context
x: val
op: Binop
a, b, y, u: val

let ϑ := ϱ .{[ x := denote op (ϱ a) (ϱ b)]} in let a_b := Node val op (Leaf val a) (Leaf val b) in x ≠ u → (∂ Let (x, (op, a, b)) :: K .in y ./ ∂ u .at ϱ) =ᵣ ((∂ Let K .in y ./ ∂ u .at ϑ) +ᵣ (∂ Let K .in y ./ ∂ x .at ϑ) ×ᵣ (∂ a_b ./ ∂ u .at ϱ))
R: Set
RS: RingSig R
RA: IsRing R
ϱ: val → R
K: context
x: val
op: Binop
a, b, y, u: val
ϑ:= ϱ .{[ x := denote op (ϱ a) (ϱ b)]}: val → R
a_b:= Node val op (Leaf val a) (Leaf val b): Expr val

x ≠ u → (∂ Let (x, (op, a, b)) :: K .in y ./ ∂ u .at ϱ) =ᵣ ((∂ Let K .in y ./ ∂ u .at ϑ) +ᵣ (∂ Let K .in y ./ ∂ x .at ϑ) ×ᵣ (∂ a_b ./ ∂ u .at ϱ))
R: Set
RS: RingSig R
RA: IsRing R
ϱ: val → R
K: context
x: val
op: Binop
a, b, u: val
ϑ:= ϱ .{[ x := denote op (ϱ a) (ϱ b)]}: val → R
a_b:= Node val op (Leaf val a) (Leaf val b): Expr val

y : val, x ≠ u → (∂ Let (x, (op, a, b)) :: K .in y ./ ∂ u .at ϱ) =ᵣ ((∂ Let K .in y ./ ∂ u .at ϑ) +ᵣ (∂ Let K .in y ./ ∂ x .at ϑ) ×ᵣ (∂ a_b ./ ∂ u .at ϱ))
R: Set
RS: RingSig R
RA: IsRing R
ϱ: val → R
x: val
op: Binop
a, b, u: val
ϑ:= ϱ .{[ x := denote op (ϱ a) (ϱ b)]}: val → R
a_b:= Node val op (Leaf val a) (Leaf val b): Expr val

y : val, x ≠ u → (∂ Let [(x, (op, a, b))] .in y ./ ∂ u .at ϱ) =ᵣ ((∂ Let [] .in y ./ ∂ u .at ϑ) +ᵣ (∂ Let [] .in y ./ ∂ x .at ϑ) ×ᵣ (∂ a_b ./ ∂ u .at ϱ))
R: Set
RS: RingSig R
RA: IsRing R
ϱ: val → R
x': val
op': Binop
a', b': val
K': list (val * node)
x: val
op: Binop
a, b, u: val
ϑ:= ϱ .{[ x := denote op (ϱ a) (ϱ b)]}: val → R
a_b:= Node val op (Leaf val a) (Leaf val b): Expr val
IHK': y : val, x ≠ u → (∂ Let (x, (op, a, b)) :: K' .in y ./ ∂ u .at ϱ) =ᵣ ((∂ Let K' .in y ./ ∂ u .at ϑ) +ᵣ (∂ Let K' .in y ./ ∂ x .at ϑ) ×ᵣ (∂ a_b ./ ∂ u .at ϱ))
y : val, x ≠ u → (∂ Let (x, (op, a, b)) :: K' ++ [(x', (op', a', b'))] .in y ./ ∂ u .at ϱ) =ᵣ ((∂ Let K' ++ [(x', (op', a', b'))] .in y ./ ∂ u .at ϑ) +ᵣ (∂ Let K' ++ [(x', (op', a', b'))] .in y ./ ∂ x .at ϑ) ×ᵣ (∂ a_b ./ ∂ u .at ϱ))
R: Set
RS: RingSig R
RA: IsRing R
ϱ: val → R
x: val
op: Binop
a, b, u: val
ϑ:= ϱ .{[ x := denote op (ϱ a) (ϱ b)]}: val → R
a_b:= Node val op (Leaf val a) (Leaf val b): Expr val

y : val, x ≠ u → (∂ Let [(x, (op, a, b))] .in y ./ ∂ u .at ϱ) =ᵣ ((∂ Let [] .in y ./ ∂ u .at ϑ) +ᵣ (∂ Let [] .in y ./ ∂ x .at ϑ) ×ᵣ (∂ a_b ./ ∂ u .at ϱ))
R: Set
RS: RingSig R
RA: IsRing R
ϱ: val → R
x: val
op: Binop
a, b, u: val
ϑ:= ϱ .{[ x := denote op (ϱ a) (ϱ b)]}: val → R
a_b:= Node val op (Leaf val a) (Leaf val b): Expr val
y: val
H: x ≠ u

(∂ Let [(x, (op, a, b))] .in y ./ ∂ u .at ϱ) =ᵣ ((∂ Let [] .in y ./ ∂ u .at ϑ) +ᵣ (∂ Let [] .in y ./ ∂ x .at ϑ) ×ᵣ (∂ a_b ./ ∂ u .at ϱ))
R: Set
RS: RingSig R
RA: IsRing R
ϱ: val → R
x: val
op: Binop
a, b, u: val
ϑ:= ϱ .{[ x := denote op (ϱ a) (ϱ b)]}: val → R
a_b:= Node val op (Leaf val a) (Leaf val b): Expr val
y: val
H: x ≠ u

(∂ if decide (x = y) then Node val op (Leaf val a) (Leaf val b) else Leaf val y ./ ∂ u .at ϱ) =ᵣ ((∂ Leaf val y ./ ∂ u .at ϑ) +ᵣ (∂ Leaf val y ./ ∂ x .at ϑ) ×ᵣ (∂ a_b ./ ∂ u .at ϱ))
R: Set
RS: RingSig R
RA: IsRing R
ϱ: val → R
x: val
op: Binop
a, b, u: val
ϑ:= ϱ .{[ x := denote op (ϱ a) (ϱ b)]}: val → R
a_b:= Node val op (Leaf val a) (Leaf val b): Expr val
y: val
H: x ≠ u

x = y → (∂ Node val op (Leaf val a) (Leaf val b) ./ ∂ u .at ϱ) =ᵣ ((∂ Leaf val y ./ ∂ u .at ϑ) +ᵣ (∂ Leaf val y ./ ∂ x .at ϑ) ×ᵣ (∂ a_b ./ ∂ u .at ϱ))
R: Set
RS: RingSig R
RA: IsRing R
ϱ: val → R
x: val
op: Binop
a, b, u: val
ϑ:= ϱ .{[ x := denote op (ϱ a) (ϱ b)]}: val → R
a_b:= Node val op (Leaf val a) (Leaf val b): Expr val
y: val
H: x ≠ u
x ≠ y → (∂ Leaf val y ./ ∂ u .at ϱ) =ᵣ ((∂ Leaf val y ./ ∂ u .at ϑ) +ᵣ (∂ Leaf val y ./ ∂ x .at ϑ) ×ᵣ (∂ a_b ./ ∂ u .at ϱ))
R: Set
RS: RingSig R
RA: IsRing R
ϱ: val → R
x: val
op: Binop
a, b, u: val
ϑ:= ϱ .{[ x := denote op (ϱ a) (ϱ b)]}: val → R
a_b:= Node val op (Leaf val a) (Leaf val b): Expr val
y: val
H: x ≠ u

x = y → (∂ Node val op (Leaf val a) (Leaf val b) ./ ∂ u .at ϱ) =ᵣ ((∂ Leaf val y ./ ∂ u .at ϑ) +ᵣ (∂ Leaf val y ./ ∂ x .at ϑ) ×ᵣ (∂ a_b ./ ∂ u .at ϱ))
R: Set
RS: RingSig R
RA: IsRing R
ϱ: val → R
op: Binop
a, b, u, y: val
H: y ≠ u
ϑ:= ϱ .{[ y := denote op (ϱ a) (ϱ b)]}: val → R
a_b:= Node val op (Leaf val a) (Leaf val b): Expr val

(∂ Node val op (Leaf val a) (Leaf val b) ./ ∂ u .at ϱ) =ᵣ ((∂ Leaf val y ./ ∂ u .at ϑ) +ᵣ (∂ Leaf val y ./ ∂ y .at ϑ) ×ᵣ (∂ a_b ./ ∂ u .at ϱ))
R: Set
RS: RingSig R
RA: IsRing R
ϱ: val → R
op: Binop
a, b, u, y: val
H: y ≠ u
ϑ:= ϱ .{[ y := denote op (ϱ a) (ϱ b)]}: val → R
a_b:= Node val op (Leaf val a) (Leaf val b): Expr val

(∂ Node val op (Leaf val a) (Leaf val b) ./ ∂ u .at ϱ) =ᵣ (Oᵣ +ᵣ (Iᵣ) ×ᵣ (∂ a_b ./ ∂ u .at ϱ))
R: Set
RS: RingSig R
RA: IsRing R
ϱ: val → R
op: Binop
a, b, u, y: val
H: y ≠ u
ϑ:= ϱ .{[ y := denote op (ϱ a) (ϱ b)]}: val → R
a_b:= Node val op (Leaf val a) (Leaf val b): Expr val

(∂ a_b ./ ∂ u .at ϱ) =ᵣ (Oᵣ +ᵣ (Iᵣ) ×ᵣ (∂ a_b ./ ∂ u .at ϱ))
ring.
R: Set
RS: RingSig R
RA: IsRing R
ϱ: val → R
x: val
op: Binop
a, b, u: val
ϑ:= ϱ .{[ x := denote op (ϱ a) (ϱ b)]}: val → R
a_b:= Node val op (Leaf val a) (Leaf val b): Expr val
y: val
H: x ≠ u

x ≠ y → (∂ Leaf val y ./ ∂ u .at ϱ) =ᵣ ((∂ Leaf val y ./ ∂ u .at ϑ) +ᵣ (∂ Leaf val y ./ ∂ x .at ϑ) ×ᵣ (∂ a_b ./ ∂ u .at ϱ))
R: Set
RS: RingSig R
RA: IsRing R
ϱ: val → R
x: val
op: Binop
a, b, u: val
ϑ:= ϱ .{[ x := denote op (ϱ a) (ϱ b)]}: val → R
a_b:= Node val op (Leaf val a) (Leaf val b): Expr val
y: val
H: x ≠ u
n: x ≠ y

(∂ Leaf val y ./ ∂ u .at ϱ) =ᵣ ((∂ Leaf val y ./ ∂ u .at ϑ) +ᵣ (∂ Leaf val y ./ ∂ x .at ϑ) ×ᵣ (∂ a_b ./ ∂ u .at ϱ))
R: Set
RS: RingSig R
RA: IsRing R
ϱ: val → R
x: val
op: Binop
a, b, u: val
ϑ:= ϱ .{[ x := denote op (ϱ a) (ϱ b)]}: val → R
a_b:= Node val op (Leaf val a) (Leaf val b): Expr val
y: val
H: x ≠ u
n: x ≠ y

(∂ Leaf val y ./ ∂ u .at ϱ) =ᵣ ((∂ Leaf val y ./ ∂ u .at ϑ) +ᵣ (Oᵣ) ×ᵣ (∂ a_b ./ ∂ u .at ϱ))
R: Set
RS: RingSig R
RA: IsRing R
ϱ: val → R
x: val
op: Binop
a, b, u: val
ϑ:= ϱ .{[ x := denote op (ϱ a) (ϱ b)]}: val → R
a_b:= Node val op (Leaf val a) (Leaf val b): Expr val
y: val
H: x ≠ u
n: x ≠ y

(if decide (u = y) then Iᵣ else Oᵣ) =ᵣ ((if decide (u = y) then Iᵣ else Oᵣ) +ᵣ (Oᵣ) ×ᵣ match op with | Add => (if decide (u = a) then Iᵣ else Oᵣ) +ᵣ (if decide (u = b) then Iᵣ else Oᵣ) | Mul => (if decide (u = a) then Iᵣ else Oᵣ) ×ᵣ ϱ b +ᵣ ϱ a ×ᵣ (if decide (u = b) then Iᵣ else Oᵣ) end)
ring.
R: Set
RS: RingSig R
RA: IsRing R
ϱ: val → R
x': val
op': Binop
a', b': val
K': list (val * node)
x: val
op: Binop
a, b, u: val
ϑ:= ϱ .{[ x := denote op (ϱ a) (ϱ b)]}: val → R
a_b:= Node val op (Leaf val a) (Leaf val b): Expr val
IHK': y : val, x ≠ u → (∂ Let (x, (op, a, b)) :: K' .in y ./ ∂ u .at ϱ) =ᵣ ((∂ Let K' .in y ./ ∂ u .at ϑ) +ᵣ (∂ Let K' .in y ./ ∂ x .at ϑ) ×ᵣ (∂ a_b ./ ∂ u .at ϱ))

y : val, x ≠ u → (∂ Let (x, (op, a, b)) :: K' ++ [(x', (op', a', b'))] .in y ./ ∂ u .at ϱ) =ᵣ ((∂ Let K' ++ [(x', (op', a', b'))] .in y ./ ∂ u .at ϑ) +ᵣ (∂ Let K' ++ [(x', (op', a', b'))] .in y ./ ∂ x .at ϑ) ×ᵣ (∂ a_b ./ ∂ u .at ϱ))
R: Set
RS: RingSig R
RA: IsRing R
ϱ: val → R
x': val
op': Binop
a', b': val
K': list (val * node)
x: val
op: Binop
a, b, u: val
ϑ:= ϱ .{[ x := denote op (ϱ a) (ϱ b)]}: val → R
a_b:= Node val op (Leaf val a) (Leaf val b): Expr val
IHK': y : val, x ≠ u → (∂ Let (x, (op, a, b)) :: K' .in y ./ ∂ u .at ϱ) =ᵣ ((∂ Let K' .in y ./ ∂ u .at ϑ) +ᵣ (∂ Let K' .in y ./ ∂ x .at ϑ) ×ᵣ (∂ a_b ./ ∂ u .at ϱ))

y : val, x ≠ u → (∂ Let (x, (op, a, b)) :: K' ++ [(x', (op', a', b'))] .in y ./ ∂ u .at ϱ) =ᵣ ((∂ Let K' ++ [(x', (op', a', b'))] .in y ./ ∂ u .at ϑ) +ᵣ (∂ Let K' ++ [(x', (op', a', b'))] .in y ./ ∂ x .at ϑ) ×ᵣ (∂ a_b ./ ∂ u .at ϱ))
R: Set
RS: RingSig R
RA: IsRing R
ϱ: val → R
x': val
op': Binop
a', b': val
K': list (val * node)
x: val
op: Binop
a, b, u: val
ϑ:= ϱ .{[ x := denote op (ϱ a) (ϱ b)]}: val → R
a_b:= Node val op (Leaf val a) (Leaf val b): Expr val
IHK': y : val, x ≠ u → (∂ Let (x, (op, a, b)) :: K' .in y ./ ∂ u .at ϱ) =ᵣ ((∂ Let K' .in y ./ ∂ u .at ϑ) +ᵣ (∂ Let K' .in y ./ ∂ x .at ϑ) ×ᵣ (∂ a_b ./ ∂ u .at ϱ))
y: val
H: x ≠ u

(∂ Let (x, (op, a, b)) :: K' ++ [(x', (op', a', b'))] .in y ./ ∂ u .at ϱ) =ᵣ ((∂ Let K' ++ [(x', (op', a', b'))] .in y ./ ∂ u .at ϑ) +ᵣ (∂ Let K' ++ [(x', (op', a', b'))] .in y ./ ∂ x .at ϑ) ×ᵣ (∂ a_b ./ ∂ u .at ϱ))
R: Set
RS: RingSig R
RA: IsRing R
ϱ: val → R
x': val
op': Binop
a', b': val
K': list (val * node)
x: val
op: Binop
a, b, u: val
ϑ:= ϱ .{[ x := denote op (ϱ a) (ϱ b)]}: val → R
a_b:= Node val op (Leaf val a) (Leaf val b): Expr val
IHK': y : val, x ≠ u → (∂ Let (x, (op, a, b)) :: K' .in y ./ ∂ u .at ϱ) =ᵣ ((∂ Let K' .in y ./ ∂ u .at ϑ) +ᵣ (∂ Let K' .in y ./ ∂ x .at ϑ) ×ᵣ (∂ a_b ./ ∂ u .at ϱ))
y: val
H: x ≠ u

(∂ if decide (x' = y) then Node val op' (Let (x, (op, a, b)) :: K' .in a') (Let (x, (op, a, b)) :: K' .in b') else Let (x, (op, a, b)) :: K' .in y ./ ∂ u .at ϱ) =ᵣ ((∂ if decide (x' = y) then Node val op' (Let K' .in a') (Let K' .in b') else Let K' .in y ./ ∂ u .at ϑ) +ᵣ (∂ if decide (x' = y) then Node val op' (Let K' .in a') (Let K' .in b') else Let K' .in y ./ ∂ x .at ϑ) ×ᵣ (∂ a_b ./ ∂ u .at ϱ))
R: Set
RS: RingSig R
RA: IsRing R
ϱ: val → R
x': val
op': Binop
a', b': val
K': list (val * node)
x: val
op: Binop
a, b, u: val
ϑ:= ϱ .{[ x := denote op (ϱ a) (ϱ b)]}: val → R
a_b:= Node val op (Leaf val a) (Leaf val b): Expr val
IHK': y : val, x ≠ u → (∂ Let (x, (op, a, b)) :: K' .in y ./ ∂ u .at ϱ) =ᵣ ((∂ Let K' .in y ./ ∂ u .at ϑ) +ᵣ (∂ Let K' .in y ./ ∂ x .at ϑ) ×ᵣ (∂ a_b ./ ∂ u .at ϱ))
y: val
H: x ≠ u
e: x' = y

(∂ Node val op' (Let (x, (op, a, b)) :: K' .in a') (Let (x, (op, a, b)) :: K' .in b') ./ ∂ u .at ϱ) =ᵣ ((∂ Node val op' (Let K' .in a') (Let K' .in b') ./ ∂ u .at ϑ) +ᵣ (∂ Node val op' (Let K' .in a') (Let K' .in b') ./ ∂ x .at ϑ) ×ᵣ (∂ a_b ./ ∂ u .at ϱ))
R: Set
RS: RingSig R
RA: IsRing R
ϱ: val → R
x', a', b': val
K': list (val * node)
x: val
op: Binop
a, b, u: val
ϑ:= ϱ .{[ x := denote op (ϱ a) (ϱ b)]}: val → R
a_b:= Node val op (Leaf val a) (Leaf val b): Expr val
IHK': y : val, x ≠ u → (∂ Let (x, (op, a, b)) :: K' .in y ./ ∂ u .at ϱ) =ᵣ ((∂ Let K' .in y ./ ∂ u .at ϑ) +ᵣ (∂ Let K' .in y ./ ∂ x .at ϑ) ×ᵣ (∂ a_b ./ ∂ u .at ϱ))
y: val
H: x ≠ u
e: x' = y

(∂ (Let (x, (op, a, b)) :: K' .in a') +ₑ (Let (x, (op, a, b)) :: K' .in b') ./ ∂ u .at ϱ) =ᵣ ((∂ (Let K' .in a') +ₑ (Let K' .in b') ./ ∂ u .at ϑ) +ᵣ (∂ (Let K' .in a') +ₑ (Let K' .in b') ./ ∂ x .at ϑ) ×ᵣ (∂ a_b ./ ∂ u .at ϱ))
R: Set
RS: RingSig R
RA: IsRing R
ϱ: val → R
x', a', b': val
K': list (val * node)
x: val
op: Binop
a, b, u: val
ϑ:= ϱ .{[ x := denote op (ϱ a) (ϱ b)]}: val → R
a_b:= Node val op (Leaf val a) (Leaf val b): Expr val
IHK': y : val, x ≠ u → (∂ Let (x, (op, a, b)) :: K' .in y ./ ∂ u .at ϱ) =ᵣ ((∂ Let K' .in y ./ ∂ u .at ϑ) +ᵣ (∂ Let K' .in y ./ ∂ x .at ϑ) ×ᵣ (∂ a_b ./ ∂ u .at ϱ))
y: val
H: x ≠ u
e: x' = y
(∂ (Let (x, (op, a, b)) :: K' .in a') ×ₑ (Let (x, (op, a, b)) :: K' .in b') ./ ∂ u .at ϱ) =ᵣ ((∂ (Let K' .in a') ×ₑ (Let K' .in b') ./ ∂ u .at ϑ) +ᵣ (∂ (Let K' .in a') ×ₑ (Let K' .in b') ./ ∂ x .at ϑ) ×ᵣ (∂ a_b ./ ∂ u .at ϱ))
R: Set
RS: RingSig R
RA: IsRing R
ϱ: val → R
x', a', b': val
K': list (val * node)
x: val
op: Binop
a, b, u: val
ϑ:= ϱ .{[ x := denote op (ϱ a) (ϱ b)]}: val → R
a_b:= Node val op (Leaf val a) (Leaf val b): Expr val
IHK': y : val, x ≠ u → (∂ Let (x, (op, a, b)) :: K' .in y ./ ∂ u .at ϱ) =ᵣ ((∂ Let K' .in y ./ ∂ u .at ϑ) +ᵣ (∂ Let K' .in y ./ ∂ x .at ϑ) ×ᵣ (∂ a_b ./ ∂ u .at ϱ))
y: val
H: x ≠ u
e: x' = y

(∂ (Let (x, (op, a, b)) :: K' .in a') +ₑ (Let (x, (op, a, b)) :: K' .in b') ./ ∂ u .at ϱ) =ᵣ ((∂ (Let K' .in a') +ₑ (Let K' .in b') ./ ∂ u .at ϑ) +ᵣ (∂ (Let K' .in a') +ₑ (Let K' .in b') ./ ∂ x .at ϑ) ×ᵣ (∂ a_b ./ ∂ u .at ϱ))
R: Set
RS: RingSig R
RA: IsRing R
ϱ: val → R
x', a', b': val
K': list (val * node)
x: val
op: Binop
a, b, u: val
ϑ:= ϱ .{[ x := denote op (ϱ a) (ϱ b)]}: val → R
a_b:= Node val op (Leaf val a) (Leaf val b): Expr val
IHK': y : val, x ≠ u → (∂ Let (x, (op, a, b)) :: K' .in y ./ ∂ u .at ϱ) =ᵣ ((∂ Let K' .in y ./ ∂ u .at ϑ) +ᵣ (∂ Let K' .in y ./ ∂ x .at ϑ) ×ᵣ (∂ a_b ./ ∂ u .at ϱ))
y: val
H: x ≠ u
e: x' = y

((∂ Let (x, (op, a, b)) :: K' .in a' ./ ∂ u .at ϱ) +ᵣ (∂ Let (x, (op, a, b)) :: K' .in b' ./ ∂ u .at ϱ)) =ᵣ (((∂ Let K' .in a' ./ ∂ u .at ϑ) +ᵣ (∂ Let K' .in b' ./ ∂ u .at ϑ)) +ᵣ ((∂ Let K' .in a' ./ ∂ x .at ϑ) +ᵣ (∂ Let K' .in b' ./ ∂ x .at ϑ)) ×ᵣ match op with | Add => (if decide (u = a) then Iᵣ else Oᵣ) +ᵣ (if decide (u = b) then Iᵣ else Oᵣ) | Mul => (if decide (u = a) then Iᵣ else Oᵣ) ×ᵣ ϱ b +ᵣ ϱ a ×ᵣ (if decide (u = b) then Iᵣ else Oᵣ) end)
R: Set
RS: RingSig R
RA: IsRing R
ϱ: val → R
x', a', b': val
K': list (val * node)
x: val
op: Binop
a, b, u: val
ϑ:= ϱ .{[ x := denote op (ϱ a) (ϱ b)]}: val → R
a_b:= Node val op (Leaf val a) (Leaf val b): Expr val
IHK': y : val, x ≠ u → (∂ Let (x, (op, a, b)) :: K' .in y ./ ∂ u .at ϱ) =ᵣ ((∂ Let K' .in y ./ ∂ u .at ϑ) +ᵣ (∂ Let K' .in y ./ ∂ x .at ϑ) ×ᵣ (∂ a_b ./ ∂ u .at ϱ))
y: val
H: x ≠ u
e: x' = y

(((∂ Let K' .in a' ./ ∂ u .at ϑ) +ᵣ (∂ Let K' .in a' ./ ∂ x .at ϑ) ×ᵣ (∂ a_b ./ ∂ u .at ϱ)) +ᵣ ((∂ Let K' .in b' ./ ∂ u .at ϑ) +ᵣ (∂ Let K' .in b' ./ ∂ x .at ϑ) ×ᵣ (∂ a_b ./ ∂ u .at ϱ))) =ᵣ (((∂ Let K' .in a' ./ ∂ u .at ϑ) +ᵣ (∂ Let K' .in b' ./ ∂ u .at ϑ)) +ᵣ ((∂ Let K' .in a' ./ ∂ x .at ϑ) +ᵣ (∂ Let K' .in b' ./ ∂ x .at ϑ)) ×ᵣ match op with | Add => (if decide (u = a) then Iᵣ else Oᵣ) +ᵣ (if decide (u = b) then Iᵣ else Oᵣ) | Mul => (if decide (u = a) then Iᵣ else Oᵣ) ×ᵣ ϱ b +ᵣ ϱ a ×ᵣ (if decide (u = b) then Iᵣ else Oᵣ) end)
R: Set
RS: RingSig R
RA: IsRing R
ϱ: val → R
x', a', b': val
K': list (val * node)
x: val
op: Binop
a, b, u: val
ϑ:= ϱ .{[ x := denote op (ϱ a) (ϱ b)]}: val → R
a_b:= Node val op (Leaf val a) (Leaf val b): Expr val
IHK': y : val, x ≠ u → (∂ Let (x, (op, a, b)) :: K' .in y ./ ∂ u .at ϱ) =ᵣ ((∂ Let K' .in y ./ ∂ u .at ϑ) +ᵣ (∂ Let K' .in y ./ ∂ x .at ϑ) ×ᵣ (∂ a_b ./ ∂ u .at ϱ))
y: val
H: x ≠ u
e: x' = y

(((∂ Let K' .in a' ./ ∂ u .at ϑ) +ᵣ (∂ Let K' .in a' ./ ∂ x .at ϑ) ×ᵣ match op with | Add => (if decide (u = a) then Iᵣ else Oᵣ) +ᵣ (if decide (u = b) then Iᵣ else Oᵣ) | Mul => (if decide (u = a) then Iᵣ else Oᵣ) ×ᵣ ϱ b +ᵣ ϱ a ×ᵣ (if decide (u = b) then Iᵣ else Oᵣ) end) +ᵣ ((∂ Let K' .in b' ./ ∂ u .at ϑ) +ᵣ (∂ Let K' .in b' ./ ∂ x .at ϑ) ×ᵣ match op with | Add => (if decide (u = a) then Iᵣ else Oᵣ) +ᵣ (if decide (u = b) then Iᵣ else Oᵣ) | Mul => (if decide (u = a) then Iᵣ else Oᵣ) ×ᵣ ϱ b +ᵣ ϱ a ×ᵣ (if decide (u = b) then Iᵣ else Oᵣ) end)) =ᵣ (((∂ Let K' .in a' ./ ∂ u .at ϑ) +ᵣ (∂ Let K' .in b' ./ ∂ u .at ϑ)) +ᵣ ((∂ Let K' .in a' ./ ∂ x .at ϑ) +ᵣ (∂ Let K' .in b' ./ ∂ x .at ϑ)) ×ᵣ match op with | Add => (if decide (u = a) then Iᵣ else Oᵣ) +ᵣ (if decide (u = b) then Iᵣ else Oᵣ) | Mul => (if decide (u = a) then Iᵣ else Oᵣ) ×ᵣ ϱ b +ᵣ ϱ a ×ᵣ (if decide (u = b) then Iᵣ else Oᵣ) end)
ring.
R: Set
RS: RingSig R
RA: IsRing R
ϱ: val → R
x', a', b': val
K': list (val * node)
x: val
op: Binop
a, b, u: val
ϑ:= ϱ .{[ x := denote op (ϱ a) (ϱ b)]}: val → R
a_b:= Node val op (Leaf val a) (Leaf val b): Expr val
IHK': y : val, x ≠ u → (∂ Let (x, (op, a, b)) :: K' .in y ./ ∂ u .at ϱ) =ᵣ ((∂ Let K' .in y ./ ∂ u .at ϑ) +ᵣ (∂ Let K' .in y ./ ∂ x .at ϑ) ×ᵣ (∂ a_b ./ ∂ u .at ϱ))
y: val
H: x ≠ u
e: x' = y

(∂ (Let (x, (op, a, b)) :: K' .in a') ×ₑ (Let (x, (op, a, b)) :: K' .in b') ./ ∂ u .at ϱ) =ᵣ ((∂ (Let K' .in a') ×ₑ (Let K' .in b') ./ ∂ u .at ϑ) +ᵣ (∂ (Let K' .in a') ×ₑ (Let K' .in b') ./ ∂ x .at ϑ) ×ᵣ (∂ a_b ./ ∂ u .at ϱ))
R: Set
RS: RingSig R
RA: IsRing R
ϱ: val → R
x', a', b': val
K': list (val * node)
x: val
op: Binop
a, b, u: val
ϑ:= ϱ .{[ x := denote op (ϱ a) (ϱ b)]}: val → R
a_b:= Node val op (Leaf val a) (Leaf val b): Expr val
IHK': y : val, x ≠ u → (∂ Let (x, (op, a, b)) :: K' .in y ./ ∂ u .at ϱ) =ᵣ ((∂ Let K' .in y ./ ∂ u .at ϑ) +ᵣ (∂ Let K' .in y ./ ∂ x .at ϑ) ×ᵣ (∂ a_b ./ ∂ u .at ϱ))
y: val
H: x ≠ u
e: x' = y

((∂ Let (x, (op, a, b)) :: K' .in a' ./ ∂ u .at ϱ) ×ᵣ eval (map ϱ (Let (x, (op, a, b)) :: K' .in b')) +ᵣ eval (map ϱ (Let (x, (op, a, b)) :: K' .in a')) ×ᵣ (∂ Let (x, (op, a, b)) :: K' .in b' ./ ∂ u .at ϱ)) =ᵣ (((∂ Let K' .in a' ./ ∂ u .at ϑ) ×ᵣ eval (map ϑ (Let K' .in b')) +ᵣ eval (map ϑ (Let K' .in a')) ×ᵣ (∂ Let K' .in b' ./ ∂ u .at ϑ)) +ᵣ ((∂ Let K' .in a' ./ ∂ x .at ϑ) ×ᵣ eval (map ϑ (Let K' .in b')) +ᵣ eval (map ϑ (Let K' .in a')) ×ᵣ (∂ Let K' .in b' ./ ∂ x .at ϑ)) ×ᵣ match op with | Add => (if decide (u = a) then Iᵣ else Oᵣ) +ᵣ (if decide (u = b) then Iᵣ else Oᵣ) | Mul => (if decide (u = a) then Iᵣ else Oᵣ) ×ᵣ ϱ b +ᵣ ϱ a ×ᵣ (if decide (u = b) then Iᵣ else Oᵣ) end)
R: Set
RS: RingSig R
RA: IsRing R
ϱ: val → R
x', a', b': val
K': list (val * node)
x: val
op: Binop
a, b, u: val
ϑ:= ϱ .{[ x := denote op (ϱ a) (ϱ b)]}: val → R
a_b:= Node val op (Leaf val a) (Leaf val b): Expr val
IHK': y : val, x ≠ u → (∂ Let (x, (op, a, b)) :: K' .in y ./ ∂ u .at ϱ) =ᵣ ((∂ Let K' .in y ./ ∂ u .at ϑ) +ᵣ (∂ Let K' .in y ./ ∂ x .at ϑ) ×ᵣ (∂ a_b ./ ∂ u .at ϱ))
y: val
H: x ≠ u
e: x' = y

(((∂ Let K' .in a' ./ ∂ u .at ϑ) +ᵣ (∂ Let K' .in a' ./ ∂ x .at ϑ) ×ᵣ (∂ a_b ./ ∂ u .at ϱ)) ×ᵣ eval (map ϱ (Let (x, (op, a, b)) :: K' .in b')) +ᵣ eval (map ϱ (Let (x, (op, a, b)) :: K' .in a')) ×ᵣ ((∂ Let K' .in b' ./ ∂ u .at ϑ) +ᵣ (∂ Let K' .in b' ./ ∂ x .at ϑ) ×ᵣ (∂ a_b ./ ∂ u .at ϱ))) =ᵣ (((∂ Let K' .in a' ./ ∂ u .at ϑ) ×ᵣ eval (map ϑ (Let K' .in b')) +ᵣ eval (map ϑ (Let K' .in a')) ×ᵣ (∂ Let K' .in b' ./ ∂ u .at ϑ)) +ᵣ ((∂ Let K' .in a' ./ ∂ x .at ϑ) ×ᵣ eval (map ϑ (Let K' .in b')) +ᵣ eval (map ϑ (Let K' .in a')) ×ᵣ (∂ Let K' .in b' ./ ∂ x .at ϑ)) ×ᵣ match op with | Add => (if decide (u = a) then Iᵣ else Oᵣ) +ᵣ (if decide (u = b) then Iᵣ else Oᵣ) | Mul => (if decide (u = a) then Iᵣ else Oᵣ) ×ᵣ ϱ b +ᵣ ϱ a ×ᵣ (if decide (u = b) then Iᵣ else Oᵣ) end)
R: Set
RS: RingSig R
RA: IsRing R
ϱ: val → R
x', a', b': val
K': list (val * node)
x: val
op: Binop
a, b, u: val
ϑ:= ϱ .{[ x := denote op (ϱ a) (ϱ b)]}: val → R
a_b:= Node val op (Leaf val a) (Leaf val b): Expr val
IHK': y : val, x ≠ u → (∂ Let (x, (op, a, b)) :: K' .in y ./ ∂ u .at ϱ) =ᵣ ((∂ Let K' .in y ./ ∂ u .at ϑ) +ᵣ (∂ Let K' .in y ./ ∂ x .at ϑ) ×ᵣ (∂ a_b ./ ∂ u .at ϱ))
y: val
H: x ≠ u
e: x' = y

(((∂ Let K' .in a' ./ ∂ u .at ϑ) +ᵣ (∂ Let K' .in a' ./ ∂ x .at ϑ) ×ᵣ match op with | Add => (if decide (u = a) then Iᵣ else Oᵣ) +ᵣ (if decide (u = b) then Iᵣ else Oᵣ) | Mul => (if decide (u = a) then Iᵣ else Oᵣ) ×ᵣ ϱ b +ᵣ ϱ a ×ᵣ (if decide (u = b) then Iᵣ else Oᵣ) end) ×ᵣ eval (map ϱ (Let (x, (op, a, b)) :: K' .in b')) +ᵣ eval (map ϱ (Let (x, (op, a, b)) :: K' .in a')) ×ᵣ ((∂ Let K' .in b' ./ ∂ u .at ϑ) +ᵣ (∂ Let K' .in b' ./ ∂ x .at ϑ) ×ᵣ match op with | Add => (if decide (u = a) then Iᵣ else Oᵣ) +ᵣ (if decide (u = b) then Iᵣ else Oᵣ) | Mul => (if decide (u = a) then Iᵣ else Oᵣ) ×ᵣ ϱ b +ᵣ ϱ a ×ᵣ (if decide (u = b) then Iᵣ else Oᵣ) end)) =ᵣ (((∂ Let K' .in a' ./ ∂ u .at ϑ) ×ᵣ eval (map ϑ (Let K' .in b')) +ᵣ eval (map ϑ (Let K' .in a')) ×ᵣ (∂ Let K' .in b' ./ ∂ u .at ϑ)) +ᵣ ((∂ Let K' .in a' ./ ∂ x .at ϑ) ×ᵣ eval (map ϑ (Let K' .in b')) +ᵣ eval (map ϑ (Let K' .in a')) ×ᵣ (∂ Let K' .in b' ./ ∂ x .at ϑ)) ×ᵣ match op with | Add => (if decide (u = a) then Iᵣ else Oᵣ) +ᵣ (if decide (u = b) then Iᵣ else Oᵣ) | Mul => (if decide (u = a) then Iᵣ else Oᵣ) ×ᵣ ϱ b +ᵣ ϱ a ×ᵣ (if decide (u = b) then Iᵣ else Oᵣ) end)
R: Set
RS: RingSig R
RA: IsRing R
ϱ: val → R
x', a', b': val
K': list (val * node)
x: val
op: Binop
a, b, u: val
ϑ:= ϱ .{[ x := denote op (ϱ a) (ϱ b)]}: val → R
a_b:= Node val op (Leaf val a) (Leaf val b): Expr val
IHK': y : val, x ≠ u → (∂ Let (x, (op, a, b)) :: K' .in y ./ ∂ u .at ϱ) =ᵣ ((∂ Let K' .in y ./ ∂ u .at ϑ) +ᵣ (∂ Let K' .in y ./ ∂ x .at ϑ) ×ᵣ (∂ a_b ./ ∂ u .at ϱ))
y: val
H: x ≠ u
e: x' = y

(((∂ Let K' .in a' ./ ∂ u .at ϑ) +ᵣ (∂ Let K' .in a' ./ ∂ x .at ϑ) ×ᵣ match op with | Add => (if decide (u = a) then Iᵣ else Oᵣ) +ᵣ (if decide (u = b) then Iᵣ else Oᵣ) | Mul => (if decide (u = a) then Iᵣ else Oᵣ) ×ᵣ ϱ b +ᵣ ϱ a ×ᵣ (if decide (u = b) then Iᵣ else Oᵣ) end) ×ᵣ eval (map ϱ (Let (x, (op, a, b)) :: K' .in b')) +ᵣ eval (map ϱ (Let (x, (op, a, b)) :: K' .in a')) ×ᵣ ((∂ Let K' .in b' ./ ∂ u .at ϑ) +ᵣ (∂ Let K' .in b' ./ ∂ x .at ϑ) ×ᵣ match op with | Add => (if decide (u = a) then Iᵣ else Oᵣ) +ᵣ (if decide (u = b) then Iᵣ else Oᵣ) | Mul => (if decide (u = a) then Iᵣ else Oᵣ) ×ᵣ ϱ b +ᵣ ϱ a ×ᵣ (if decide (u = b) then Iᵣ else Oᵣ) end)) =ᵣ (((∂ Let K' .in a' ./ ∂ u .at ϑ) ×ᵣ eval (map ϱ (Let (x, (op, a, b)) :: K' .in b')) +ᵣ eval (map ϱ (Let (x, (op, a, b)) :: K' .in a')) ×ᵣ (∂ Let K' .in b' ./ ∂ u .at ϑ)) +ᵣ ((∂ Let K' .in a' ./ ∂ x .at ϑ) ×ᵣ eval (map ϱ (Let (x, (op, a, b)) :: K' .in b')) +ᵣ eval (map ϱ (Let (x, (op, a, b)) :: K' .in a')) ×ᵣ (∂ Let K' .in b' ./ ∂ x .at ϑ)) ×ᵣ match op with | Add => (if decide (u = a) then Iᵣ else Oᵣ) +ᵣ (if decide (u = b) then Iᵣ else Oᵣ) | Mul => (if decide (u = a) then Iᵣ else Oᵣ) ×ᵣ ϱ b +ᵣ ϱ a ×ᵣ (if decide (u = b) then Iᵣ else Oᵣ) end)
ring. } Qed.
R: Set
RS: RingSig R
RA: IsRing R
I: Set
e₁, e₂: Expr I
ϱ: I → R

e₁ =ₑ e₂ → eval (map ϱ e₁) =ᵣ eval (map ϱ e₂)
R: Set
RS: RingSig R
RA: IsRing R
I: Set
e₁, e₂: Expr I
ϱ: I → R

e₁ =ₑ e₂ → eval (map ϱ e₁) =ᵣ eval (map ϱ e₂)
R: Set
RS: RingSig R
RA: IsRing R
I: Set
ϱ: I → R
e₁, e₂, e₃: Expr I
H: e₁ =ₑ e₂
H0: e₂ =ₑ e₃
IHExpr_equiv1: eval (map ϱ e₁) =ᵣ eval (map ϱ e₂)
IHExpr_equiv2: eval (map ϱ e₂) =ᵣ eval (map ϱ e₃)

eval (map ϱ e₁) =ᵣ eval (map ϱ e₃)
R: Set
RS: RingSig R
RA: IsRing R
I: Set
ϱ: I → R
op: Binop
x, y: Expr I
H: x =ₑ y
x0, y0: Expr I
H0: x0 =ₑ y0
IHExpr_equiv1: eval (map ϱ x) =ᵣ eval (map ϱ y)
IHExpr_equiv2: eval (map ϱ x0) =ᵣ eval (map ϱ y0)
eval (map ϱ (Node I op x x0)) =ᵣ eval (map ϱ (Node I op y y0))
R: Set
RS: RingSig R
RA: IsRing R
I: Set
ϱ: I → R
e₁, e₂, e₃: Expr I
H: e₁ =ₑ e₂
H0: e₂ =ₑ e₃
IHExpr_equiv1: eval (map ϱ e₁) =ᵣ eval (map ϱ e₂)
IHExpr_equiv2: eval (map ϱ e₂) =ᵣ eval (map ϱ e₃)

eval (map ϱ e₁) =ᵣ eval (map ϱ e₃)
by rewrite IHExpr_equiv1.
R: Set
RS: RingSig R
RA: IsRing R
I: Set
ϱ: I → R
op: Binop
x, y: Expr I
H: x =ₑ y
x0, y0: Expr I
H0: x0 =ₑ y0
IHExpr_equiv1: eval (map ϱ x) =ᵣ eval (map ϱ y)
IHExpr_equiv2: eval (map ϱ x0) =ᵣ eval (map ϱ y0)

eval (map ϱ (Node I op x x0)) =ᵣ eval (map ϱ (Node I op y y0))
R: Set
RS: RingSig R
RA: IsRing R
I: Set
ϱ: I → R
op: Binop
x, y: Expr I
H: x =ₑ y
x0, y0: Expr I
H0: x0 =ₑ y0
IHExpr_equiv1: eval (map ϱ x) =ᵣ eval (map ϱ y)
IHExpr_equiv2: eval (map ϱ x0) =ᵣ eval (map ϱ y0)

eval (map ϱ (Node I op x x0)) =ᵣ eval (map ϱ (Node I op y y0))
by destruct op; simpl; rewrite IHExpr_equiv1 IHExpr_equiv2. } Qed.
R: Set
RS: RingSig R
RA: IsRing R
I: Set
EI: EqDecision I
e₁, e₂: Expr I
ϱ: I → R
i: I

e₁ =ₑ e₂ → (∂ e₁ ./ ∂ i .at ϱ) =ᵣ (∂ e₂ ./ ∂ i .at ϱ)
R: Set
RS: RingSig R
RA: IsRing R
I: Set
EI: EqDecision I
e₁, e₂: Expr I
ϱ: I → R
i: I

e₁ =ₑ e₂ → (∂ e₁ ./ ∂ i .at ϱ) =ᵣ (∂ e₂ ./ ∂ i .at ϱ)
R: Set
RS: RingSig R
RA: IsRing R
I: Set
EI: EqDecision I
ϱ: I → R
i: I
e₁, e₂, e₃: Expr I
H: e₁ =ₑ e₂
H0: e₂ =ₑ e₃
IHExpr_equiv1: (∂ e₁ ./ ∂ i .at ϱ) =ᵣ (∂ e₂ ./ ∂ i .at ϱ)
IHExpr_equiv2: (∂ e₂ ./ ∂ i .at ϱ) =ᵣ (∂ e₃ ./ ∂ i .at ϱ)

(∂ e₁ ./ ∂ i .at ϱ) =ᵣ (∂ e₃ ./ ∂ i .at ϱ)
R: Set
RS: RingSig R
RA: IsRing R
I: Set
EI: EqDecision I
ϱ: I → R
i: I
op: Binop
x, y: Expr I
H: x =ₑ y
x0, y0: Expr I
H0: x0 =ₑ y0
IHExpr_equiv1: (∂ x ./ ∂ i .at ϱ) =ᵣ (∂ y ./ ∂ i .at ϱ)
IHExpr_equiv2: (∂ x0 ./ ∂ i .at ϱ) =ᵣ (∂ y0 ./ ∂ i .at ϱ)
(∂ Node I op x x0 ./ ∂ i .at ϱ) =ᵣ (∂ Node I op y y0 ./ ∂ i .at ϱ)
R: Set
RS: RingSig R
RA: IsRing R
I: Set
EI: EqDecision I
ϱ: I → R
i: I
e₁, e₂, e₃: Expr I
H: e₁ =ₑ e₂
H0: e₂ =ₑ e₃
IHExpr_equiv1: (∂ e₁ ./ ∂ i .at ϱ) =ᵣ (∂ e₂ ./ ∂ i .at ϱ)
IHExpr_equiv2: (∂ e₂ ./ ∂ i .at ϱ) =ᵣ (∂ e₃ ./ ∂ i .at ϱ)

(∂ e₁ ./ ∂ i .at ϱ) =ᵣ (∂ e₃ ./ ∂ i .at ϱ)
by rewrite IHExpr_equiv1.
R: Set
RS: RingSig R
RA: IsRing R
I: Set
EI: EqDecision I
ϱ: I → R
i: I
op: Binop
x, y: Expr I
H: x =ₑ y
x0, y0: Expr I
H0: x0 =ₑ y0
IHExpr_equiv1: (∂ x ./ ∂ i .at ϱ) =ᵣ (∂ y ./ ∂ i .at ϱ)
IHExpr_equiv2: (∂ x0 ./ ∂ i .at ϱ) =ᵣ (∂ y0 ./ ∂ i .at ϱ)

(∂ Node I op x x0 ./ ∂ i .at ϱ) =ᵣ (∂ Node I op y y0 ./ ∂ i .at ϱ)
R: Set
RS: RingSig R
RA: IsRing R
I: Set
EI: EqDecision I
ϱ: I → R
i: I
op: Binop
x, y: Expr I
H: x =ₑ y
x0, y0: Expr I
H0: x0 =ₑ y0
IHExpr_equiv1: (∂ x ./ ∂ i .at ϱ) =ᵣ (∂ y ./ ∂ i .at ϱ)
IHExpr_equiv2: (∂ x0 ./ ∂ i .at ϱ) =ᵣ (∂ y0 ./ ∂ i .at ϱ)

(∂ Node I op x x0 ./ ∂ i .at ϱ) =ᵣ (∂ Node I op y y0 ./ ∂ i .at ϱ)
R: Set
RS: RingSig R
RA: IsRing R
I: Set
EI: EqDecision I
ϱ: I → R
i: I
x, y: Expr I
H: x =ₑ y
x0, y0: Expr I
H0: x0 =ₑ y0
IHExpr_equiv1: (∂ x ./ ∂ i .at ϱ) =ᵣ (∂ y ./ ∂ i .at ϱ)
IHExpr_equiv2: (∂ x0 ./ ∂ i .at ϱ) =ᵣ (∂ y0 ./ ∂ i .at ϱ)

((∂ y ./ ∂ i .at ϱ) ×ᵣ eval (map ϱ x0) +ᵣ eval (map ϱ x) ×ᵣ (∂ y0 ./ ∂ i .at ϱ)) =ᵣ ((∂ y ./ ∂ i .at ϱ) ×ᵣ eval (map ϱ y0) +ᵣ eval (map ϱ y) ×ᵣ (∂ y0 ./ ∂ i .at ϱ))
R: Set
RS: RingSig R
RA: IsRing R
I: Set
EI: EqDecision I
ϱ: I → R
i: I
x, y: Expr I
H: x =ₑ y
x0, y0: Expr I
H0: x0 =ₑ y0
IHExpr_equiv1: (∂ x ./ ∂ i .at ϱ) =ᵣ (∂ y ./ ∂ i .at ϱ)
IHExpr_equiv2: (∂ x0 ./ ∂ i .at ϱ) =ᵣ (∂ y0 ./ ∂ i .at ϱ)

((∂ y ./ ∂ i .at ϱ) ×ᵣ eval (map ϱ y0) +ᵣ eval (map ϱ x) ×ᵣ (∂ y0 ./ ∂ i .at ϱ)) =ᵣ ((∂ y ./ ∂ i .at ϱ) ×ᵣ eval (map ϱ y0) +ᵣ eval (map ϱ y) ×ᵣ (∂ y0 ./ ∂ i .at ϱ))
by rewrite (eval_equiv x). } Qed. End proofs_using_ring_tactic. (** Small detour on the chain rule. *) Section chain_rule. Context {R : Set} {RS : RingSig R} {RA : IsRing R} {I : Set} `{CI : Countable I} {J : Set} {EJ : EqDecision J}. Definition Sum (f : I → R) : gset I → R := set_fold (λ i acc, acc +ᵣ f i) (Oᵣ). Notation "'Σ' i '.∈' S ';' e" := (Sum (λ i, e) S) (at level 70). (* Here is how the chain rule could be stated. The lemmas [diff_map], [diff_bind_overwrite_leaf_id] and [diff_filling] could be proven as corollaries of this property. However, we find that proving them directly ends up being simpler. *) Definition chain_rule_statement (e : Expr I) (f : I → Expr J) (ϱ : J → R) (j : J) := let ϑ : I → R := λ i, eval (map ϱ (f i)) in (∂ (bind f e) ./ ∂ j .at ϱ) =ᵣ Σ i .∈ (vars e) ; (∂ e ./ ∂ i .at ϑ) ×ᵣ (∂ (f i) ./ ∂ j .at ϱ). End chain_rule. End properties. Section ring_instances. Global Instance UnitRing : RingSig () := { rzero := tt; rone := tt; radd := λ _ _, tt; rmul := λ _ _, tt; req := λ _ _, True; }. Global Program Instance UnitIsRing : IsRing ().

semi_ring_theory (Oᵣ) (Iᵣ) radd rmul req
done. Qed. Global Instance ZRing : RingSig Z := { rzero := 0; rone := 1; radd := Z.add; rmul := Z.mul; req := (@eq Z); }. Global Program Instance ZIsRing : IsRing Z.

semi_ring_theory (Oᵣ) (Iᵣ) radd rmul req
split; simpl; lia. Qed. Global Instance Expr_equiv_Equivalence {I : Set} : Equivalence (@Expr_equiv I) := { Equivalence_Reflexive := Expr_equiv_refl; Equivalence_Symmetric := Expr_equiv_symm; Equivalence_Transitive := Expr_equiv_trans; }. Definition ExprRing_srt {I : Set} : semi_ring_theory (Zero I) (One I) (Node I Add) (Node I Mul) Expr_equiv := {| SRadd_0_l := Expr_equiv_add_0_l; SRadd_comm := Expr_equiv_comm Add; SRadd_assoc := Expr_equiv_assoc Add; SRmul_1_l := Expr_equiv_mul_1_l; SRmul_0_l := Expr_equiv_mul_0_l; SRmul_comm := Expr_equiv_comm Mul; SRmul_assoc := Expr_equiv_assoc Mul; SRdistr_l := Expr_equiv_distr_l; |}. Program Instance ExprIsRing {I : Set} : IsRing (Expr I) := { req_equiv := Expr_equiv_Equivalence; radd_ext := Expr_equiv_ext Add; rmul_ext := Expr_equiv_ext Mul; is_semi_ring := ExprRing_srt; }. End ring_instances. (** * Specification. *) Section specification. Context `{!irisG eff_lang Σ}. Class NumSpec (N : Num) (Ψ : iEff Σ) {R : Set} (RS : RingSig R) := { implements : val → R → iProp Σ; nzero_spec : ⊢ implements nzero rzero; none_spec : ⊢ implements none rone; (* The following specifications are an alternative to the above ones. The difference is that [nzero] and [none] would no longer be values. They would be programs that the client could choose to execute to have access to a representation of the neutral elements of the ring. However, doing so leads to trickier internal specifications (the internal definition of [implements]), because the derivative field would not have meaning. It would have to be described by an invariant just so the update operations could go through. The same idea applies if we expose the function [create] to the client. *) (* nzero_spec E : ⊢ EWP nzero @ E <| Ψ |> {{ x, implements x rzero }}; *) (* none_spec E : ⊢ EWP none @ E <| Ψ |> {{ x, implements x rone }}; *) nadd_spec E a b r s : implements a r -∗ implements b s -∗ EWP nadd a b @ E <| Ψ |> {{ x, implements x (radd r s) }}; nmul_spec E a b r s : implements a r -∗ implements b s -∗ EWP nmul a b @ E <| Ψ |> {{ x, implements x (rmul r s) }}; implements_pers u r :> Persistent (implements u r); (* See the remark bellow to understand the purpose of the following line. *) (* implements_ne u n : Proper (req ==> (dist n)) (implements u); *) }. Definition isExp (f : Num → expr) (e : Expr ()) : iProp Σ := ( (N : Num), EWP (f N) <| ⊥ |> {{ vf, ( (R : Set) (RS : RingSig R) (RA : IsRing R), ( (Ψ : iEff Σ) (NSpec : NumSpec N Ψ RS), ( x r, implements x r -∗ EWP vf x <| Ψ |> {{ y, s, implements y s ∗ ⌜ s =ᵣ (eval (map (λ _, r) e)) ⌝ }})))}}). (* Remark: -- The existentially quantified ring element [s] that appears in the postcondition of [diff] could be avoided by asking the predicate [implements] to be non-expansive. However, this would complicate the verification of [diff] because the numerical implementation of symbolic expressions that it provides to the client doesn't satisfy this property. The same trick of the existential quantification might work for turning the [implements] predicate non-expansive, but again, we choose simplicity. *) Definition diff_spec : iProp Σ := ( (f : Num → expr) (e : Expr ()), isExp f e -∗ isExp (diff f) (∂ e ./ ∂ tt .at (λ _, Xₑ))).
Σ: gFunctors
irisG0: irisG eff_lang Σ
f: Num → expr
e₁, e₂: Expr ()

e₁ =ₑ e₂ → isExp f e₁ -∗ isExp f e₂
Σ: gFunctors
irisG0: irisG eff_lang Σ
f: Num → expr
e₁, e₂: Expr ()

e₁ =ₑ e₂ → isExp f e₁ -∗ isExp f e₂
Σ: gFunctors
irisG0: irisG eff_lang Σ
f: Num → expr
e₁, e₂: Expr ()
He: e₁ =ₑ e₂

"Hf" : isExp f e₁ --------------------------------------∗ isExp f e₂
Σ: gFunctors
irisG0: irisG eff_lang Σ
f: Num → expr
e₁, e₂: Expr ()
He: e₁ =ₑ e₂
N: Num

"Hf" : isExp f e₁ --------------------------------------∗ EWP f N <| ⊥ |> {{ vf, (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec N Ψ RS) (x : val) (r : R), implements x r -∗ EWP vf x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) e₂)⌝ }} }}
Σ: gFunctors
irisG0: irisG eff_lang Σ
f: Num → expr
e₁, e₂: Expr ()
He: e₁ =ₑ e₂
N: Num

--------------------------------------∗ v : val, ( (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec N Ψ RS) (x : val) (r : R), implements x r -∗ EWP v x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) e₁)⌝ }}) ={⊤}=∗ (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec N Ψ RS) (x : val) (r : R), implements x r -∗ EWP v x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) e₂)⌝ }}
Σ: gFunctors
irisG0: irisG eff_lang Σ
f: Num → expr
e₁, e₂: Expr ()
He: e₁ =ₑ e₂
N: Num
vf: val

"Hvf" : (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec N Ψ RS) (x : val) (r : R), implements x r -∗ EWP vf x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) e₁)⌝ }} --------------------------------------∗ |={⊤}=> (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec N Ψ RS) (x : val) (r : R), implements x r -∗ EWP vf x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) e₂)⌝ }}
Σ: gFunctors
irisG0: irisG eff_lang Σ
f: Num → expr
e₁, e₂: Expr ()
He: e₁ =ₑ e₂
N: Num
vf: val

"Hvf" : (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec N Ψ RS) (x : val) (r : R), implements x r -∗ EWP vf x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) e₁)⌝ }} --------------------------------------∗ (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec N Ψ RS) (x : val) (r : R), implements x r -∗ EWP vf x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) e₂)⌝ }}
Σ: gFunctors
irisG0: irisG eff_lang Σ
f: Num → expr
e₁, e₂: Expr ()
He: e₁ =ₑ e₂
N: Num
vf: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
x: val
r: R

"Hvf" : (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec N Ψ RS) (x : val) (r : R), implements x r -∗ EWP vf x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) e₁)⌝ }} "Hx" : implements x r --------------------------------------∗ EWP vf x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) e₂)⌝ }}
Σ: gFunctors
irisG0: irisG eff_lang Σ
f: Num → expr
e₁, e₂: Expr ()
He: e₁ =ₑ e₂
N: Num
vf: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
x: val
r: R

"Hvf" : EWP vf x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) e₁)⌝ }} --------------------------------------∗ EWP vf x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) e₂)⌝ }}
Σ: gFunctors
irisG0: irisG eff_lang Σ
f: Num → expr
e₁, e₂: Expr ()
He: e₁ =ₑ e₂
N: Num
vf: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
x: val
r: R

--------------------------------------∗ v : val, ( s : R, implements v s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) e₁)⌝) ={⊤}=∗ s : R, implements v s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) e₂)⌝
Σ: gFunctors
irisG0: irisG eff_lang Σ
f: Num → expr
e₁, e₂: Expr ()
He: e₁ =ₑ e₂
N: Num
vf: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
x: val
r: R
y: val

--------------------------------------∗ ( s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) e₁)⌝) ={⊤}=∗ s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) e₂)⌝
Σ: gFunctors
irisG0: irisG eff_lang Σ
f: Num → expr
e₁, e₂: Expr ()
He: e₁ =ₑ e₂
N: Num
vf: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
x: val
r: R
y: val
s: R
H: s =ᵣ eval (map (λ _ : (), r) e₁)

"Hs" : implements y s --------------------------------------∗ |={⊤}=> s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) e₂)⌝
Σ: gFunctors
irisG0: irisG eff_lang Σ
f: Num → expr
e₁, e₂: Expr ()
He: e₁ =ₑ e₂
N: Num
vf: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
x: val
r: R
y: val
s: R
H: s =ᵣ eval (map (λ _ : (), r) e₁)

"Hs" : implements y s --------------------------------------∗ |={⊤}=> implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) e₂)⌝
Σ: gFunctors
irisG0: irisG eff_lang Σ
f: Num → expr
e₁, e₂: Expr ()
He: e₁ =ₑ e₂
N: Num
vf: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
x: val
r: R
y: val
s: R
H: s =ᵣ eval (map (λ _ : (), r) e₁)

"Hs" : implements y s --------------------------------------∗ implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) e₂)⌝
Σ: gFunctors
irisG0: irisG eff_lang Σ
f: Num → expr
e₁, e₂: Expr ()
He: e₁ =ₑ e₂
N: Num
vf: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
x: val
r: R
y: val
s: R
H: s =ᵣ eval (map (λ _ : (), r) e₁)

--------------------------------------∗ ⌜s =ᵣ eval (map (λ _ : (), r) e₂)⌝
Σ: gFunctors
irisG0: irisG eff_lang Σ
f: Num → expr
e₁, e₂: Expr ()
He: e₁ =ₑ e₂
N: Num
vf: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
x: val
r: R
y: val
s: R
H: s =ᵣ eval (map (λ _ : (), r) e₁)

s =ᵣ eval (map (λ _ : (), r) e₂)
Σ: gFunctors
irisG0: irisG eff_lang Σ
f: Num → expr
e₁, e₂: Expr ()
He: e₁ =ₑ e₂
N: Num
vf: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
x: val
r: R
y: val
s: R
H: s =ᵣ eval (map (λ _ : (), r) e₁)

eval (map (λ _ : (), r) e₁) =ᵣ eval (map (λ _ : (), r) e₂)
by apply eval_equiv. Qed. End specification. (** * Verification. *) Section verification. (** Camera setup. *) (** We define our personalised notion of resource. This means that we have defined a structure whose elements can be claimed to be owned. We have thus extended the language of logical propositions. Within this newly added fragment of the language, we will be able to write what it means for the current context to be in a certain state or for one to known that it contains a certain entry. *) Section camera.
Ignoring canonical projection to discrete_ofe_mixin by ofe_mixin in nodeO: redundant with fracO [redundant-canonical-projection,typechecker]
Ignoring canonical projection to discrete_dist by ofe_dist in nodeO: redundant with fracO [redundant-canonical-projection,typechecker]
Ignoring canonical projection to equivL by ofe_equiv in nodeO: redundant with fracO [redundant-canonical-projection,typechecker]
(* Our personalised resource is [gmap_viewR loc nodeO] and here we define a typeclass claiming for it to be among the underlying resources parameterizing [iProp]. *) Class cgraphG Σ := { cgraph_mapG :> inG Σ (gmap_viewR val nodeO); }. (* Now we prove that this claim can be satisfied by exhibiting a concrete list of resources containing our personalised one. (This isn't trivial, because the resource definition could depend on the list of resources to which it must belong.) *) Definition cgraphΣ := #[ GFunctor (gmap_viewR val nodeO) ].
Σ: gFunctors

subG cgraphΣ Σ → cgraphG Σ
Σ: gFunctors

subG cgraphΣ Σ → cgraphG Σ
solve_inG. Qed.
Ignoring canonical projection to discrete_ofe_mixin by ofe_mixin in nodeO: redundant with fracO [redundant-canonical-projection,typechecker]
Ignoring canonical projection to discrete_dist by ofe_dist in nodeO: redundant with fracO [redundant-canonical-projection,typechecker]
Ignoring canonical projection to equivL by ofe_equiv in nodeO: redundant with fracO [redundant-canonical-projection,typechecker]
(** Ghost theory. *) (** The derived definitions and their properties. *) Section ghost_theory. Context `{!cgraphG Σ}. Definition context_to_map (K : context) : gmap val node := list_to_map (reverse K). Definition is_current_context (γ : gname) (K : context) : iProp Σ := own γ (gmap_view_auth (V:=nodeO) 1%Qp (context_to_map K)). Definition is_entry (γ : gname) (u : val) (n : node) : iProp Σ := own γ (gmap_view_frag (V:=nodeO) u DfracDiscarded n).
Σ: gFunctors
cgraphG0: cgraphG Σ

⊢ |==> γ : gname, is_current_context γ []
Σ: gFunctors
cgraphG0: cgraphG Σ

⊢ |==> γ : gname, is_current_context γ []
Σ: gFunctors
cgraphG0: cgraphG Σ

✓ gmap_view_auth 1
Σ: gFunctors
cgraphG0: cgraphG Σ
γ: gname
"Hauth" : own γ (gmap_view_auth 1 ∅) --------------------------------------∗ |==> γ : gname, is_current_context γ []
Σ: gFunctors
cgraphG0: cgraphG Σ

✓ gmap_view_auth 1
by apply gmap_view_auth_valid.
Σ: gFunctors
cgraphG0: cgraphG Σ
γ: gname

"Hauth" : own γ (gmap_view_auth 1 ∅) --------------------------------------∗ |==> γ : gname, is_current_context γ []
Σ: gFunctors
cgraphG0: cgraphG Σ
γ: gname

"Hauth" : own γ (gmap_view_auth 1 ∅) --------------------------------------∗ |==> γ : gname, is_current_context γ []
by eauto. } Qed.
Σ: gFunctors
cgraphG0: cgraphG Σ
γ: gname
K: context
u: val
n: node

is_current_context γ K -∗ is_entry γ u n -∗ ⌜context_to_map K !! u = Some n⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
γ: gname
K: context
u: val
n: node

is_current_context γ K -∗ is_entry γ u n -∗ ⌜context_to_map K !! u = Some n⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
γ: gname
K: context
u: val
n: node

"Hauth" : is_current_context γ K "Hfrag" : is_entry γ u n --------------------------------------∗ ⌜context_to_map K !! u = Some n⌝
by iDestruct (own_valid_2 with "Hauth Hfrag") as %[_[_?]]%gmap_view_both_frac_valid_L. Qed.
Σ: gFunctors
cgraphG0: cgraphG Σ
γ: gname
K: context
u: val
n: node

context_to_map K !! u = None → is_current_context γ K -∗ |==> is_current_context γ (K ++ [(u, n)]) ∗ is_entry γ u n
Σ: gFunctors
cgraphG0: cgraphG Σ
γ: gname
K: context
u: val
n: node

context_to_map K !! u = None → is_current_context γ K -∗ |==> is_current_context γ (K ++ [(u, n)]) ∗ is_entry γ u n
Σ: gFunctors
cgraphG0: cgraphG Σ
γ: gname
K: context
u: val
n: node
Hlookup: context_to_map K !! u = None

"Hauth" : is_current_context γ K --------------------------------------∗ |==> is_current_context γ (K ++ [(u, n)]) ∗ is_entry γ u n
Σ: gFunctors
cgraphG0: cgraphG Σ
γ: gname
K: context
u: val
n: node
Hlookup: context_to_map K !! u = None

"Hauth" : is_current_context γ K --------------------------------------∗ |==> own γ (gmap_view_auth 1 (context_to_map (K ++ [(u, n)])) ⋅ gmap_view_frag u DfracDiscarded n)
Σ: gFunctors
cgraphG0: cgraphG Σ
γ: gname
K: context
u: val
n: node
Hlookup: context_to_map K !! u = None

?Goal ~~> gmap_view_auth 1 (context_to_map (K ++ [(u, n)])) ⋅ gmap_view_frag u DfracDiscarded n
Σ: gFunctors
cgraphG0: cgraphG Σ
γ: gname
K: context
u: val
n: node
Hlookup: context_to_map K !! u = None
"Hauth" : is_current_context γ K --------------------------------------∗ own γ ?Goal
Σ: gFunctors
cgraphG0: cgraphG Σ
γ: gname
K: context
u: val
n: node
Hlookup: context_to_map K !! u = None

?Goal ~~> gmap_view_auth 1 (list_to_map (reverse (K ++ [(u, n)]))) ⋅ gmap_view_frag u DfracDiscarded n
Σ: gFunctors
cgraphG0: cgraphG Σ
γ: gname
K: context
u: val
n: node
Hlookup: context_to_map K !! u = None
"Hauth" : is_current_context γ K --------------------------------------∗ own γ ?Goal
Σ: gFunctors
cgraphG0: cgraphG Σ
γ: gname
K: context
u: val
n: node
Hlookup: context_to_map K !! u = None

?Goal ~~> gmap_view_auth 1 (list_to_map (reverse [(u, n)] ++ reverse K)) ⋅ gmap_view_frag u DfracDiscarded n
Σ: gFunctors
cgraphG0: cgraphG Σ
γ: gname
K: context
u: val
n: node
Hlookup: context_to_map K !! u = None
"Hauth" : is_current_context γ K --------------------------------------∗ own γ ?Goal
Σ: gFunctors
cgraphG0: cgraphG Σ
γ: gname
K: context
u: val
n: node
Hlookup: context_to_map K !! u = None

?Goal ~~> gmap_view_auth 1 (<[u:=n]> (list_to_map (reverse K))) ⋅ gmap_view_frag u DfracDiscarded n
Σ: gFunctors
cgraphG0: cgraphG Σ
γ: gname
K: context
u: val
n: node
Hlookup: context_to_map K !! u = None
"Hauth" : is_current_context γ K --------------------------------------∗ own γ ?Goal
Σ: gFunctors
cgraphG0: cgraphG Σ
γ: gname
K: context
u: val
n: node
Hlookup: context_to_map K !! u = None

"Hauth" : is_current_context γ K --------------------------------------∗ own γ (gmap_view_auth 1 (list_to_map (reverse K)))
done. Qed.
Σ: gFunctors
cgraphG0: cgraphG Σ
γ: gname
u: val
n: node

Persistent (is_entry γ u n)
Σ: gFunctors
cgraphG0: cgraphG Σ
γ: gname
u: val
n: node

Persistent (is_entry γ u n)
apply _. Qed. End ghost_theory. Section represents. Context `{!cgraphG Σ, !heapG Σ} {R : Set} {RS : RingSig R} {N : Num} {Ψ : iEff Σ} {NSpec : NumSpec N Ψ RS}. Variables (γ : gname) (* Identifies assertions of the same ghost theory. *) (ℓₓ : loc) (* Memory location associated with the input value. *) (r : R) (* The point at which the derivative was asked. *) (nᵣ : val). (* A value representing [r]. *) Notation a₀ := (InjLV (InjLV #()))%V (only parsing). Notation a₁ := (InjLV (InjRV #()))%V (only parsing). Notation aₓ := (InjRV (nᵣ, #ℓₓ))%V (only parsing). Definition represents : val → Expr () → iProp Σ := fix represents (u : val) (e : Expr ()) : iProp Σ := match e with | Zero _ => ⌜ u = a₀ ⌝ | One _ => ⌜ u = a₁ ⌝ | Leaf _ _ => ⌜ u = aₓ ⌝ | Node _ op el er => a b, is_entry γ u (op, a, b) ∗ represents a el ∗ represents b er end%I.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ, x: val
e: Expr ()

Persistent (represents x e)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ, x: val
e: Expr ()

Persistent (represents x e)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val

(e : Expr ()) (x : val), Persistent (represents x e)
induction e; apply _. Qed. End represents. (* The following section contains general facts that are useful in the subsequent sections. *) Section general_facts.
A: Type
y: A
xs, ys: list A

NoDup (xs ++ y :: ys) → NoDup xs ∧ (y ∉ xs) ∧ ( x : A, x ∈ xs → x ∉ ys) ∧ (y ∉ ys) ∧ NoDup ys
A: Type
y: A
xs, ys: list A

NoDup (xs ++ y :: ys) → NoDup xs ∧ (y ∉ xs) ∧ ( x : A, x ∈ xs → x ∉ ys) ∧ (y ∉ ys) ∧ NoDup ys
A: Type
y: A
xs, ys: list A

(NoDup xs ∧ ( x : A, x ∈ xs → x ∉ [y]) ∧ NoDup [y]) ∧ ( x : A, x ∈ xs ++ [y] → x ∉ ys) ∧ NoDup ys → NoDup xs ∧ (y ∉ xs) ∧ ( x : A, x ∈ xs → x ∉ ys) ∧ (y ∉ ys) ∧ NoDup ys
A: Type
y: A
xs, ys: list A
HNoDup_xs: NoDup xs
Hnot_in_xs: x : A, x ∈ xs → x ∉ [y]
Hnot_in_ys: x : A, x ∈ xs ++ [y] → x ∉ ys
HNoDup_ys: NoDup ys

NoDup xs ∧ (y ∉ xs) ∧ ( x : A, x ∈ xs → x ∉ ys) ∧ (y ∉ ys) ∧ NoDup ys
A: Type
y: A
xs, ys: list A
HNoDup_xs: NoDup xs
Hnot_in_xs: x : A, x ∈ xs → x ∉ [y]
Hnot_in_ys: x : A, x ∈ xs ++ [y] → x ∉ ys
HNoDup_ys: NoDup ys

(y ∉ xs) ∧ ( x : A, x ∈ xs → x ∉ ys) ∧ (y ∉ ys) ∧ NoDup ys
A: Type
y: A
xs, ys: list A
HNoDup_xs: NoDup xs
Hnot_in_xs: x : A, x ∈ xs → x ∉ [y]
Hnot_in_ys: x : A, x ∈ xs ++ [y] → x ∉ ys
HNoDup_ys: NoDup ys

y ∉ xs
A: Type
y: A
xs, ys: list A
HNoDup_xs: NoDup xs
Hnot_in_xs: x : A, x ∈ xs → x ∉ [y]
Hnot_in_ys: x : A, x ∈ xs ++ [y] → x ∉ ys
HNoDup_ys: NoDup ys
x : A, x ∈ xs → x ∉ ys
A: Type
y: A
xs, ys: list A
HNoDup_xs: NoDup xs
Hnot_in_xs: x : A, x ∈ xs → x ∉ [y]
Hnot_in_ys: x : A, x ∈ xs ++ [y] → x ∉ ys
HNoDup_ys: NoDup ys
y ∉ ys
A: Type
y: A
xs, ys: list A
HNoDup_xs: NoDup xs
Hnot_in_xs: x : A, x ∈ xs → x ∉ [y]
Hnot_in_ys: x : A, x ∈ xs ++ [y] → x ∉ ys
HNoDup_ys: NoDup ys

y ∉ xs
A: Type
y: A
xs, ys: list A
HNoDup_xs: NoDup xs
Hnot_in_xs: x : A, x ∈ xs → x ∉ [y]
Hnot_in_ys: x : A, x ∈ xs ++ [y] → x ∉ ys
HNoDup_ys: NoDup ys
Hin: y ∈ xs

False
by apply (Hnot_in_xs _ Hin), elem_of_list_singleton.
A: Type
y: A
xs, ys: list A
HNoDup_xs: NoDup xs
Hnot_in_xs: x : A, x ∈ xs → x ∉ [y]
Hnot_in_ys: x : A, x ∈ xs ++ [y] → x ∉ ys
HNoDup_ys: NoDup ys

x : A, x ∈ xs → x ∉ ys
A: Type
y: A
xs, ys: list A
HNoDup_xs: NoDup xs
Hnot_in_xs: x : A, x ∈ xs → x ∉ [y]
Hnot_in_ys: x : A, x ∈ xs ++ [y] → x ∉ ys
HNoDup_ys: NoDup ys
y ∉ ys
A: Type
y: A
xs, ys: list A
HNoDup_xs: NoDup xs
Hnot_in_xs: x : A, x ∈ xs → x ∉ [y]
Hnot_in_ys: x : A, x ∈ xs ++ [y] → x ∉ ys
HNoDup_ys: NoDup ys

x : A, x ∈ xs → x ∉ ys
A: Type
y: A
xs, ys: list A
HNoDup_xs: NoDup xs
Hnot_in_xs: x : A, x ∈ xs → x ∉ [y]
Hnot_in_ys: x : A, x ∈ xs ++ [y] → x ∉ ys
HNoDup_ys: NoDup ys
x: A
Hin: x ∈ xs

x ∉ ys
A: Type
y: A
xs, ys: list A
HNoDup_xs: NoDup xs
Hnot_in_xs: x : A, x ∈ xs → x ∉ [y]
Hnot_in_ys: x : A, x ∈ xs ++ [y] → x ∉ ys
HNoDup_ys: NoDup ys
x: A
Hin: x ∈ xs

x ∈ xs ∨ x ∈ [y]
by left.
A: Type
y: A
xs, ys: list A
HNoDup_xs: NoDup xs
Hnot_in_xs: x : A, x ∈ xs → x ∉ [y]
Hnot_in_ys: x : A, x ∈ xs ++ [y] → x ∉ ys
HNoDup_ys: NoDup ys

y ∉ ys
A: Type
y: A
xs, ys: list A
HNoDup_xs: NoDup xs
Hnot_in_xs: x : A, x ∈ xs → x ∉ [y]
Hnot_in_ys: x : A, x ∈ xs ++ [y] → x ∉ ys
HNoDup_ys: NoDup ys

y ∉ ys
A: Type
y: A
xs, ys: list A
HNoDup_xs: NoDup xs
Hnot_in_xs: x : A, x ∈ xs → x ∉ [y]
Hnot_in_ys: x : A, x ∈ xs ++ [y] → x ∉ ys
HNoDup_ys: NoDup ys

y ∈ xs ∨ y ∈ [y]
A: Type
y: A
xs, ys: list A
HNoDup_xs: NoDup xs
Hnot_in_xs: x : A, x ∈ xs → x ∉ [y]
Hnot_in_ys: x : A, x ∈ xs ++ [y] → x ∉ ys
HNoDup_ys: NoDup ys

y ∈ [y]
by apply elem_of_list_singleton. } Qed.
A: Type
xs, ys: list A

NoDup (xs ++ ys) → NoDup xs
A: Type
xs, ys: list A

NoDup (xs ++ ys) → NoDup xs
A: Type
xs, ys: list A

NoDup xs ∧ ( x : A, x ∈ xs → x ∉ ys) ∧ NoDup ys → NoDup xs
by intros [? _]. Qed.
A: Type
xs, ys: list A

NoDup (xs ++ ys) → x : A, x ∈ xs → x ∉ ys
A: Type
xs, ys: list A

NoDup (xs ++ ys) → x : A, x ∈ xs → x ∉ ys
A: Type
xs, ys: list A

NoDup xs ∧ ( x : A, x ∈ xs → x ∉ ys) ∧ NoDup ys → x : A, x ∈ xs → x ∉ ys
by intros (_ & ? & _). Qed.
A: Type
xs, ys: list A

NoDup (xs ++ ys) → NoDup ys
A: Type
xs, ys: list A

NoDup (xs ++ ys) → NoDup ys
A: Type
xs, ys: list A

NoDup xs ∧ ( x : A, x ∈ xs → x ∉ ys) ∧ NoDup ys → NoDup ys
by intros (_ & _ & ?). Qed. (* Although very specific, this lemma is useful in combination with the invariants. *)
Σ: gFunctors
heapG0: heapG Σ
us: list val

([∗ list] u ∈ us, (v w : val) ( : loc), ℓ ↦ w ∗ ⌜u = InjRV (v, #ℓ)⌝) -∗ ⌜NoDup us⌝
Σ: gFunctors
heapG0: heapG Σ
us: list val

([∗ list] u ∈ us, (v w : val) ( : loc), ℓ ↦ w ∗ ⌜u = InjRV (v, #ℓ)⌝) -∗ ⌜NoDup us⌝
Σ: gFunctors
heapG0: heapG Σ
us: list val

"Hus" : [∗ list] u ∈ us, (v w : val) ( : loc), ℓ ↦ w ∗ ⌜u = InjRV (v, #ℓ)⌝ --------------------------------------∗ ⌜NoDup us⌝
Σ: gFunctors
heapG0: heapG Σ

"Hus" : [∗ list] u ∈ [], (v w : val) ( : loc), ℓ ↦ w ∗ ⌜u = InjRV (v, #ℓ)⌝ --------------------------------------∗ ⌜NoDup []⌝
Σ: gFunctors
heapG0: heapG Σ
u: val
us: list val
"IH" : ([∗ list] u ∈ us, (v w : val) ( : loc), ℓ ↦ w ∗ ⌜u = InjRV (v, #ℓ)⌝) -∗ ⌜ NoDup us⌝ --------------------------------------□ "Hus" : [∗ list] u ∈ (u :: us), (v w : val) ( : loc), ℓ ↦ w ∗ ⌜u = InjRV (v, #ℓ)⌝ --------------------------------------∗ ⌜NoDup (u :: us)⌝
Σ: gFunctors
heapG0: heapG Σ

"Hus" : [∗ list] u ∈ [], (v w : val) ( : loc), ℓ ↦ w ∗ ⌜u = InjRV (v, #ℓ)⌝ --------------------------------------∗ ⌜NoDup []⌝
Σ: gFunctors
heapG0: heapG Σ

NoDup []
by apply NoDup_nil.
Σ: gFunctors
heapG0: heapG Σ
u: val
us: list val

"IH" : ([∗ list] u ∈ us, (v w : val) ( : loc), ℓ ↦ w ∗ ⌜u = InjRV (v, #ℓ)⌝) -∗ ⌜NoDup us⌝ --------------------------------------□ "Hus" : [∗ list] u ∈ (u :: us), (v w : val) ( : loc), ℓ ↦ w ∗ ⌜u = InjRV (v, #ℓ)⌝ --------------------------------------∗ ⌜NoDup (u :: us)⌝
Σ: gFunctors
heapG0: heapG Σ
u: val
us: list val

"IH" : ([∗ list] u ∈ us, (v w : val) ( : loc), ℓ ↦ w ∗ ⌜u = InjRV (v, #ℓ)⌝) -∗ ⌜NoDup us⌝ --------------------------------------□ "Hus" : [∗ list] u ∈ (u :: us), (v w : val) ( : loc), ℓ ↦ w ∗ ⌜u = InjRV (v, #ℓ)⌝ --------------------------------------∗ ⌜NoDup (u :: us)⌝
Σ: gFunctors
heapG0: heapG Σ
u: val
us: list val

"IH" : ([∗ list] u ∈ us, (v w : val) ( : loc), ℓ ↦ w ∗ ⌜u = InjRV (v, #ℓ)⌝) -∗ ⌜NoDup us⌝ --------------------------------------□ "Hu" : (v w : val) ( : loc), ℓ ↦ w ∗ ⌜u = InjRV (v, #ℓ)⌝ "Hus" : [∗ list] y ∈ us, (v w : val) ( : loc), ℓ ↦ w ∗ ⌜y = InjRV (v, #ℓ)⌝ --------------------------------------∗ ⌜NoDup (u :: us)⌝
Σ: gFunctors
heapG0: heapG Σ
u: val
us: list val

"IH" : ([∗ list] u ∈ us, (v w : val) ( : loc), ℓ ↦ w ∗ ⌜u = InjRV (v, #ℓ)⌝) -∗ ⌜NoDup us⌝ --------------------------------------□ "Hu" : (v w : val) ( : loc), ℓ ↦ w ∗ ⌜u = InjRV (v, #ℓ)⌝ "Hus" : [∗ list] y ∈ us, (v w : val) ( : loc), ℓ ↦ w ∗ ⌜y = InjRV (v, #ℓ)⌝ --------------------------------------∗ ⌜u ∉ us⌝
Σ: gFunctors
heapG0: heapG Σ
u: val
us: list val
H: u ∉ us
"IH" : ([∗ list] u ∈ us, (v w : val) ( : loc), ℓ ↦ w ∗ ⌜u = InjRV (v, #ℓ)⌝) -∗ ⌜ NoDup us⌝ --------------------------------------□ "Hu" : (v w : val) ( : loc), ℓ ↦ w ∗ ⌜u = InjRV (v, #ℓ)⌝ "Hus" : [∗ list] y ∈ us, (v w : val) ( : loc), ℓ ↦ w ∗ ⌜y = InjRV (v, #ℓ)⌝ --------------------------------------∗ ⌜NoDup (u :: us)⌝
Σ: gFunctors
heapG0: heapG Σ
u: val
us: list val

"IH" : ([∗ list] u ∈ us, (v w : val) ( : loc), ℓ ↦ w ∗ ⌜u = InjRV (v, #ℓ)⌝) -∗ ⌜NoDup us⌝ --------------------------------------□ "Hu" : (v w : val) ( : loc), ℓ ↦ w ∗ ⌜u = InjRV (v, #ℓ)⌝ "Hus" : [∗ list] y ∈ us, (v w : val) ( : loc), ℓ ↦ w ∗ ⌜y = InjRV (v, #ℓ)⌝ --------------------------------------∗ ⌜u ∉ us⌝
Σ: gFunctors
heapG0: heapG Σ
u: val
us: list val
Hin: u ∈ us

"IH" : ([∗ list] u ∈ us, (v w : val) ( : loc), ℓ ↦ w ∗ ⌜u = InjRV (v, #ℓ)⌝) -∗ ⌜NoDup us⌝ --------------------------------------□ "Hu" : (v w : val) ( : loc), ℓ ↦ w ∗ ⌜u = InjRV (v, #ℓ)⌝ "Hus" : [∗ list] y ∈ us, (v w : val) ( : loc), ℓ ↦ w ∗ ⌜y = InjRV (v, #ℓ)⌝ --------------------------------------∗ False
Σ: gFunctors
heapG0: heapG Σ
u: val
us: list val
Hin: u ∈ us

"IH" : ([∗ list] u ∈ us, (v w : val) ( : loc), ℓ ↦ w ∗ ⌜u = InjRV (v, #ℓ)⌝) -∗ ⌜NoDup us⌝ --------------------------------------□ "Hu" : (v w : val) ( : loc), ℓ ↦ w ∗ ⌜u = InjRV (v, #ℓ)⌝ "Hu'" : (v w : val) ( : loc), ℓ ↦ w ∗ ⌜u = InjRV (v, #ℓ)⌝ --------------------------------------∗ False
Σ: gFunctors
heapG0: heapG Σ
us: list val
v: val
: loc
Hin: InjRV (v, #ℓ) ∈ us
w: val

"IH" : ([∗ list] u ∈ us, (v w : val) ( : loc), ℓ ↦ w ∗ ⌜u = InjRV (v, #ℓ)⌝) -∗ ⌜NoDup us⌝ --------------------------------------□ "Hu" : ℓ ↦ w "Hu'" : (v0 w : val) (ℓ0 : loc), ℓ0 ↦ w ∗ ⌜InjRV (v, #ℓ) = InjRV (v0, #ℓ0)⌝ --------------------------------------∗ False
Σ: gFunctors
heapG0: heapG Σ
us: list val
v: val
: loc
Hin: InjRV (v, #ℓ) ∈ us
w, v0, w0: val
ℓ0: loc
H: InjRV (v, #ℓ) = InjRV (v0, #ℓ0)

"IH" : ([∗ list] u ∈ us, (v w : val) ( : loc), ℓ ↦ w ∗ ⌜u = InjRV (v, #ℓ)⌝) -∗ ⌜NoDup us⌝ --------------------------------------□ "Hu" : ℓ ↦ w "Hu'" : ℓ0 ↦ w0 --------------------------------------∗ False
Σ: gFunctors
heapG0: heapG Σ
us: list val
v: val
: loc
Hin: InjRV (v, #ℓ) ∈ us
w, v0, w0: val
ℓ0: loc
Heq: InjRV (v, #ℓ) = InjRV (v0, #ℓ0)

"IH" : ([∗ list] u ∈ us, (v w : val) ( : loc), ℓ ↦ w ∗ ⌜u = InjRV (v, #ℓ)⌝) -∗ ⌜NoDup us⌝ --------------------------------------□ "Hu" : ℓ ↦ w "Hu'" : ℓ0 ↦ w0 --------------------------------------∗ False
Σ: gFunctors
heapG0: heapG Σ
us: list val
v: val
: loc
Hin: InjRV (v, #ℓ) ∈ us
w, v0, w0: val
ℓ0: loc
Heq: InjRV (v, #ℓ) = InjRV (v0, #ℓ0)
H0: v = v0
H1: ℓ = ℓ0

"IH" : ([∗ list] u ∈ us, (v w : val) ( : loc), ℓ ↦ w ∗ ⌜u = InjRV (v, #ℓ)⌝) -∗ ⌜NoDup us⌝ --------------------------------------□ "Hu" : ℓ0 ↦ w "Hu'" : ℓ0 ↦ w0 --------------------------------------∗ False
by iDestruct (mapsto_ne with "Hu Hu'") as "%".
Σ: gFunctors
heapG0: heapG Σ
u: val
us: list val
H: u ∉ us

"IH" : ([∗ list] u ∈ us, (v w : val) ( : loc), ℓ ↦ w ∗ ⌜u = InjRV (v, #ℓ)⌝) -∗ ⌜NoDup us⌝ --------------------------------------□ "Hu" : (v w : val) ( : loc), ℓ ↦ w ∗ ⌜u = InjRV (v, #ℓ)⌝ "Hus" : [∗ list] y ∈ us, (v w : val) ( : loc), ℓ ↦ w ∗ ⌜y = InjRV (v, #ℓ)⌝ --------------------------------------∗ ⌜NoDup (u :: us)⌝
Σ: gFunctors
heapG0: heapG Σ
u: val
us: list val
H: u ∉ us
H0: NoDup us

"IH" : ([∗ list] u ∈ us, (v w : val) ( : loc), ℓ ↦ w ∗ ⌜u = InjRV (v, #ℓ)⌝) -∗ ⌜NoDup us⌝ --------------------------------------□ "Hu" : (v w : val) ( : loc), ℓ ↦ w ∗ ⌜u = InjRV (v, #ℓ)⌝ "Hus" : [∗ list] y ∈ us, (v w : val) ( : loc), ℓ ↦ w ∗ ⌜y = InjRV (v, #ℓ)⌝ --------------------------------------∗ ⌜NoDup (u :: us)⌝
Σ: gFunctors
heapG0: heapG Σ
u: val
us: list val
H: u ∉ us
HNoDup: NoDup us

"IH" : ([∗ list] u ∈ us, (v w : val) ( : loc), ℓ ↦ w ∗ ⌜u = InjRV (v, #ℓ)⌝) -∗ ⌜NoDup us⌝ --------------------------------------□ "Hu" : (v w : val) ( : loc), ℓ ↦ w ∗ ⌜u = InjRV (v, #ℓ)⌝ "Hus" : [∗ list] y ∈ us, (v w : val) ( : loc), ℓ ↦ w ∗ ⌜y = InjRV (v, #ℓ)⌝ --------------------------------------∗ ⌜NoDup (u :: us)⌝
Σ: gFunctors
heapG0: heapG Σ
u: val
us: list val
H: u ∉ us
HNoDup: NoDup us

NoDup (u :: us)
by apply NoDup_cons_2. } Qed.
Σ: gFunctors
irisG0: irisG eff_lang Σ
A: Type
us: list A
Φ₁, Φ₂: nat → A → iProp Σ

( (i : nat) (u : A), us !! i = Some u → Φ₁ i u -∗ Φ₂ i u) → ([∗ list] i↦u ∈ us, Φ₁ i u) -∗ [∗ list] i↦u ∈ us, Φ₂ i u
Σ: gFunctors
irisG0: irisG eff_lang Σ
A: Type
us: list A
Φ₁, Φ₂: nat → A → iProp Σ

( (i : nat) (u : A), us !! i = Some u → Φ₁ i u -∗ Φ₂ i u) → ([∗ list] i↦u ∈ us, Φ₁ i u) -∗ [∗ list] i↦u ∈ us, Φ₂ i u
Σ: gFunctors
irisG0: irisG eff_lang Σ
A: Type
us: list A

Φ₁ Φ₂ : nat → A → iProp Σ, ( (i : nat) (u : A), us !! i = Some u → Φ₁ i u -∗ Φ₂ i u) → ([∗ list] i↦u ∈ us, Φ₁ i u) -∗ [∗ list] i↦u ∈ us, Φ₂ i u
Σ: gFunctors
irisG0: irisG eff_lang Σ
A: Type
u: A
us: list A
IHus: Φ₁ Φ₂ : nat → A → iProp Σ, ( (i : nat) (u : A), us !! i = Some u → Φ₁ i u -∗ Φ₂ i u) → ([∗ list] i↦u ∈ us, Φ₁ i u) -∗ [∗ list] i↦u ∈ us, Φ₂ i u

Φ₁ Φ₂ : nat → A → iProp Σ, ( (i : nat) (u0 : A), (u :: us) !! i = Some u0 → Φ₁ i u0 -∗ Φ₂ i u0) → ([∗ list] i↦u ∈ (u :: us), Φ₁ i u) -∗ [∗ list] i↦u ∈ (u :: us), Φ₂ i u
Σ: gFunctors
irisG0: irisG eff_lang Σ
A: Type
u: A
us: list A
IHus: Φ₁ Φ₂ : nat → A → iProp Σ, ( (i : nat) (u : A), us !! i = Some u → Φ₁ i u -∗ Φ₂ i u) → ([∗ list] i↦u ∈ us, Φ₁ i u) -∗ [∗ list] i↦u ∈ us, Φ₂ i u
Φ₁, Φ₂: nat → A → iProp Σ
Hmono: (i : nat) (u0 : A), (u :: us) !! i = Some u0 → Φ₁ i u0 -∗ Φ₂ i u0

([∗ list] i↦u ∈ (u :: us), Φ₁ i u) -∗ [∗ list] i↦u ∈ (u :: us), Φ₂ i u
Σ: gFunctors
irisG0: irisG eff_lang Σ
A: Type
u: A
us: list A
IHus: Φ₁ Φ₂ : nat → A → iProp Σ, ( (i : nat) (u : A), us !! i = Some u → Φ₁ i u -∗ Φ₂ i u) → ([∗ list] i↦u ∈ us, Φ₁ i u) -∗ [∗ list] i↦u ∈ us, Φ₂ i u
Φ₁, Φ₂: nat → A → iProp Σ
Hmono: (i : nat) (u0 : A), (u :: us) !! i = Some u0 → Φ₁ i u0 -∗ Φ₂ i u0

Φ₁ 0 u ∗ ([∗ list] n↦u ∈ us, Φ₁ (S n) u) -∗ Φ₂ 0 u ∗ ([∗ list] n↦u ∈ us, Φ₂ (S n) u)
Σ: gFunctors
irisG0: irisG eff_lang Σ
A: Type
u: A
us: list A
IHus: Φ₁ Φ₂ : nat → A → iProp Σ, ( (i : nat) (u : A), us !! i = Some u → Φ₁ i u -∗ Φ₂ i u) → ([∗ list] i↦u ∈ us, Φ₁ i u) -∗ [∗ list] i↦u ∈ us, Φ₂ i u
Φ₁, Φ₂: nat → A → iProp Σ
Hmono: (i : nat) (u0 : A), (u :: us) !! i = Some u0 → Φ₁ i u0 -∗ Φ₂ i u0

"Hu" : Φ₁ 0 u "Hus" : [∗ list] n↦u ∈ us, Φ₁ (S n) u --------------------------------------∗ Φ₂ 0 u ∗ ([∗ list] n↦u ∈ us, Φ₂ (S n) u)
Σ: gFunctors
irisG0: irisG eff_lang Σ
A: Type
u: A
us: list A
IHus: Φ₁ Φ₂ : nat → A → iProp Σ, ( (i : nat) (u : A), us !! i = Some u → Φ₁ i u -∗ Φ₂ i u) → ([∗ list] i↦u ∈ us, Φ₁ i u) -∗ [∗ list] i↦u ∈ us, Φ₂ i u
Φ₁, Φ₂: nat → A → iProp Σ
Hmono: (i : nat) (u0 : A), (u :: us) !! i = Some u0 → Φ₁ i u0 -∗ Φ₂ i u0

"Hu" : Φ₁ 0 u --------------------------------------∗ Φ₂ 0 u
Σ: gFunctors
irisG0: irisG eff_lang Σ
A: Type
u: A
us: list A
IHus: Φ₁ Φ₂ : nat → A → iProp Σ, ( (i : nat) (u : A), us !! i = Some u → Φ₁ i u -∗ Φ₂ i u) → ([∗ list] i↦u ∈ us, Φ₁ i u) -∗ [∗ list] i↦u ∈ us, Φ₂ i u
Φ₁, Φ₂: nat → A → iProp Σ
Hmono: (i : nat) (u0 : A), (u :: us) !! i = Some u0 → Φ₁ i u0 -∗ Φ₂ i u0
"Hus" : [∗ list] n↦u ∈ us, Φ₁ (S n) u --------------------------------------∗ [∗ list] n↦u ∈ us, Φ₂ (S n) u
Σ: gFunctors
irisG0: irisG eff_lang Σ
A: Type
u: A
us: list A
IHus: Φ₁ Φ₂ : nat → A → iProp Σ, ( (i : nat) (u : A), us !! i = Some u → Φ₁ i u -∗ Φ₂ i u) → ([∗ list] i↦u ∈ us, Φ₁ i u) -∗ [∗ list] i↦u ∈ us, Φ₂ i u
Φ₁, Φ₂: nat → A → iProp Σ
Hmono: (i : nat) (u0 : A), (u :: us) !! i = Some u0 → Φ₁ i u0 -∗ Φ₂ i u0

"Hu" : Φ₁ 0 u --------------------------------------∗ Φ₂ 0 u
by iApply (Hmono with "Hu").
Σ: gFunctors
irisG0: irisG eff_lang Σ
A: Type
u: A
us: list A
IHus: Φ₁ Φ₂ : nat → A → iProp Σ, ( (i : nat) (u : A), us !! i = Some u → Φ₁ i u -∗ Φ₂ i u) → ([∗ list] i↦u ∈ us, Φ₁ i u) -∗ [∗ list] i↦u ∈ us, Φ₂ i u
Φ₁, Φ₂: nat → A → iProp Σ
Hmono: (i : nat) (u0 : A), (u :: us) !! i = Some u0 → Φ₁ i u0 -∗ Φ₂ i u0

"Hus" : [∗ list] n↦u ∈ us, Φ₁ (S n) u --------------------------------------∗ [∗ list] n↦u ∈ us, Φ₂ (S n) u
Σ: gFunctors
irisG0: irisG eff_lang Σ
A: Type
u: A
us: list A
IHus: Φ₁ Φ₂ : nat → A → iProp Σ, ( (i : nat) (u : A), us !! i = Some u → Φ₁ i u -∗ Φ₂ i u) → ([∗ list] i↦u ∈ us, Φ₁ i u) -∗ [∗ list] i↦u ∈ us, Φ₂ i u
Φ₁, Φ₂: nat → A → iProp Σ
Hmono: (i : nat) (u0 : A), (u :: us) !! i = Some u0 → Φ₁ i u0 -∗ Φ₂ i u0

"Hus" : [∗ list] n↦u ∈ us, Φ₁ (S n) u --------------------------------------∗ [∗ list] n↦u ∈ us, Φ₂ (S n) u
Σ: gFunctors
irisG0: irisG eff_lang Σ
A: Type
u: A
us: list A
IHus: Φ₁ Φ₂ : nat → A → iProp Σ, ( (i : nat) (u : A), us !! i = Some u → Φ₁ i u -∗ Φ₂ i u) → ([∗ list] i↦u ∈ us, Φ₁ i u) -∗ [∗ list] i↦u ∈ us, Φ₂ i u
Φ₁, Φ₂: nat → A → iProp Σ
Hmono: (i : nat) (u0 : A), (u :: us) !! i = Some u0 → Φ₁ i u0 -∗ Φ₂ i u0

(i : nat) (u : A), us !! i = Some u → (λ (n : nat) (u0 : A), Φ₁ (S n) u0) i u -∗ (λ (i0 : nat) (u0 : A), Φ₂ (S i0) u0) i u
naive_solver. } Qed.
Σ: gFunctors
irisG0: irisG eff_lang Σ
A: Type
us: list A
Φ₁, Φ₂: A → iProp Σ

( u : A, u ∈ us → Φ₁ u -∗ Φ₂ u) → ([∗ list] u ∈ us, Φ₁ u) -∗ [∗ list] u ∈ us, Φ₂ u
Σ: gFunctors
irisG0: irisG eff_lang Σ
A: Type
us: list A
Φ₁, Φ₂: A → iProp Σ

( u : A, u ∈ us → Φ₁ u -∗ Φ₂ u) → ([∗ list] u ∈ us, Φ₁ u) -∗ [∗ list] u ∈ us, Φ₂ u
Σ: gFunctors
irisG0: irisG eff_lang Σ
A: Type
us: list A
Φ₁, Φ₂: A → iProp Σ
Hmono: u : A, u ∈ us → Φ₁ u -∗ Φ₂ u

([∗ list] u ∈ us, Φ₁ u) -∗ [∗ list] u ∈ us, Φ₂ u
Σ: gFunctors
irisG0: irisG eff_lang Σ
A: Type
us: list A
Φ₁, Φ₂: A → iProp Σ
Hmono: u : A, u ∈ us → Φ₁ u -∗ Φ₂ u

(i : nat) (u : A), us !! i = Some u → Φ₁ u -∗ Φ₂ u
Σ: gFunctors
irisG0: irisG eff_lang Σ
A: Type
us: list A
Φ₁, Φ₂: A → iProp Σ
Hmono: u : A, u ∈ us → Φ₁ u -∗ Φ₂ u
i: nat
u: A
Hlkp: us !! i = Some u

Φ₁ u -∗ Φ₂ u
Σ: gFunctors
irisG0: irisG eff_lang Σ
A: Type
us: list A
Φ₁, Φ₂: A → iProp Σ
Hmono: u : A, u ∈ us → Φ₁ u -∗ Φ₂ u
i: nat
u: A
Hlkp: us !! i = Some u

u ∈ us
by apply (elem_of_list_lookup_2 _ i). Qed. End general_facts. (** Forward invariant. *) (** The forward invariant is a predicate on contexts. If we imagine the execution of the client as a trace indexed by the sequence of arithmetic operations (that is, a context), then the invariant asserts what holds for each such sequence at each step. *) Section forward_invariant. Context `{!cgraphG Σ, !heapG Σ} {R : Set} {RS : RingSig R} {N : Num} {Ψ : iEff Σ} {NSpec : NumSpec N Ψ RS}. Variables (γ : gname) (* Identifies assertions of the same ghost theory. *) (ℓₓ : loc) (* Memory location associated with the input value. *) (r : R) (* The point at which the derivative was asked. *) (nᵣ : val). (* A value representing [r]. *) Notation a₀ := (InjLV (InjLV #()))%V (only parsing). Notation a₁ := (InjLV (InjRV #()))%V (only parsing). Notation aₓ := (InjRV (nᵣ, #ℓₓ))%V (only parsing). Notation adj_vars := ([a₀; a₁; aₓ]) (only parsing). Notation represents := (represents γ ℓₓ nᵣ) (only parsing). Definition forward_inv (K : context) : iProp Σ := ( let ϱ := (λ _, r).{[a₀ := Oᵣ]}.{[a₁ := Iᵣ]} in is_current_context γ K ∗ ⌜ u, u ∈ defs K → vars (Let K .in u) ⊆ {[a₀; a₁; aₓ]} ⌝ ∗ ( [∗ list] u ∈ defs K ++ [aₓ], v , implements v (ϱ.{[K]} u) ∗ ℓ ↦ nzero ∗ ⌜ u = InjRV (v, #ℓ)%V ⌝ ) )%I.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context

forward_inv K -∗ ⌜NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context

forward_inv K -∗ ⌜NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context

"HK" : [∗ list] u ∈ (defs K ++ [InjRV (nᵣ, #ℓₓ)]), (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝ --------------------------------------∗ ⌜NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context

"HK" : [∗ list] u ∈ (defs K ++ [InjRV (nᵣ, #ℓₓ)]), (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝ --------------------------------------∗ [∗ list] u ∈ (defs K ++ [InjRV (nᵣ, #ℓₓ)]), (v w : val) ( : loc), ℓ ↦ w ∗ ⌜u = InjRV (v, #ℓ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context

(k : nat) (y : val), (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! k = Some y → (λ (_ : nat) (u : val), (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝) k y -∗ (λ (_ : nat) (y0 : val), (v w : val) ( : loc), ℓ ↦ w ∗ ⌜y0 = InjRV (v, #ℓ)⌝) k y
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
i: nat
u: val

(λ (_ : nat) (u : val), (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝) i u -∗ (λ (_ : nat) (y : val), (v w : val) ( : loc), ℓ ↦ w ∗ ⌜y = InjRV (v, #ℓ)⌝) i u
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
i: nat
u: val

( (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝) -∗ (v w : val) ( : loc), ℓ ↦ w ∗ ⌜u = InjRV (v, #ℓ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
i: nat
u, v: val
: loc

"Hu" : ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝ --------------------------------------∗ (v w : val) ( : loc), ℓ ↦ w ∗ ⌜u = InjRV (v, #ℓ)⌝
by eauto. Qed.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context

forward_inv K -∗ ⌜NoDup (defs K)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context

forward_inv K -∗ ⌜NoDup (defs K)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context

"Hinv" : forward_inv K --------------------------------------∗ ⌜NoDup (defs K)⌝
by iDestruct (NoDup_defs_app_adj_vars with "Hinv") as %?%NoDup_app_11. Qed.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val

InjLV (InjRV #()) ≠ InjRV (nᵣ, #ℓₓ)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val

InjLV (InjRV #()) ≠ InjRV (nᵣ, #ℓₓ)
done. Qed.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val

InjLV (InjLV #()) ≠ InjRV (nᵣ, #ℓₓ)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val

InjLV (InjLV #()) ≠ InjRV (nᵣ, #ℓₓ)
done. Qed.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context

forward_inv K -∗ ⌜ a : val, a ∈ defs K → (v : val) ( : loc), a = InjRV (v, #ℓ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context

forward_inv K -∗ ⌜ a : val, a ∈ defs K → (v : val) ( : loc), a = InjRV (v, #ℓ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
a: val
Hin: a ∈ defs K

"Hheap" : [∗ list] u ∈ (defs K ++ [InjRV (nᵣ, #ℓₓ)]), (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝ --------------------------------------∗ ⌜ (v : val) ( : loc), a = InjRV (v, #ℓ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
a: val
Hin: a ∈ defs K
i: nat
Hi: defs K !! i = Some a

"Hheap" : [∗ list] u ∈ (defs K ++ [InjRV (nᵣ, #ℓₓ)]), (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝ --------------------------------------∗ ⌜ (v : val) ( : loc), a = InjRV (v, #ℓ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
a: val
Hin: a ∈ defs K
i: nat
Hi: defs K !! i = Some a

"Hheap" : (( (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K]}) a) ∗ ℓ ↦ nzero ∗ ⌜a = InjRV (v, #ℓ)⌝) ∗ ([∗ list] k↦y ∈ defs K, ⌜k ≠ i⌝ → (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K]}) y) ∗ ℓ ↦ nzero ∗ ⌜y = InjRV (v, #ℓ)⌝)) ∗ ([∗ list] y ∈ [InjRV (nᵣ, #ℓₓ)], (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K]}) y) ∗ ℓ ↦ nzero ∗ ⌜ y = InjRV (v, #ℓ)⌝) --------------------------------------∗ ⌜ (v : val) ( : loc), a = InjRV (v, #ℓ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
a: val
Hin: a ∈ defs K
i: nat
Hi: defs K !! i = Some a

"Ha" : (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K]}) a) ∗ ℓ ↦ nzero ∗ ⌜a = InjRV (v, #ℓ)⌝ --------------------------------------∗ ⌜ (v : val) ( : loc), a = InjRV (v, #ℓ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
v: val
: loc
Hin: InjRV (v, #ℓ) ∈ defs K
i: nat
Hi: defs K !! i = Some (InjRV (v, #ℓ))

--------------------------------------∗ ⌜ (v0 : val) (ℓ0 : loc), InjRV (v, #ℓ) = InjRV (v0, #ℓ0)⌝
by eauto. Qed.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context

forward_inv K -∗ ⌜ a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context

forward_inv K -∗ ⌜ a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context

"Hinv" : forward_inv K --------------------------------------∗ ⌜ a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
H: a : val, a ∈ defs K → (v : val) ( : loc), a = InjRV (v, #ℓ)

"Hinv" : forward_inv K --------------------------------------∗ ⌜ a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
H: a : val, a ∈ defs K → (v : val) ( : loc), a = InjRV (v, #ℓ)

a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
H: a : val, a ∈ defs K → (v : val) ( : loc), a = InjRV (v, #ℓ)
a: val

a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
H: a : val, a ∈ defs K → (v : val) ( : loc), a = InjRV (v, #ℓ)
a: val

a ∈ defs K ∨ a = InjRV (nᵣ, #ℓₓ) ∨ False (v : val) ( : loc), a = InjRV (v, #ℓ)
by intros [|[->|]]; eauto. Qed.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context

forward_inv K -∗ ⌜(InjLV (InjLV #()) ∉ defs K) ∧ (InjLV (InjRV #()) ∉ defs K) ∧ InjRV (nᵣ, #ℓₓ) ∉ defs K⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context

forward_inv K -∗ ⌜(InjLV (InjLV #()) ∉ defs K) ∧ (InjLV (InjRV #()) ∉ defs K) ∧ InjRV (nᵣ, #ℓₓ) ∉ defs K⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context

"Hinv" : forward_inv K --------------------------------------∗ ⌜(InjLV (InjLV #()) ∉ defs K) ∧ (InjLV (InjRV #()) ∉ defs K) ∧ InjRV (nᵣ, #ℓₓ) ∉ defs K⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])

"Hinv" : forward_inv K --------------------------------------∗ ⌜(InjLV (InjLV #()) ∉ defs K) ∧ (InjLV (InjRV #()) ∉ defs K) ∧ InjRV (nᵣ, #ℓₓ) ∉ defs K⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K → (v : val) ( : loc), a = InjRV (v, #ℓ)

"Hinv" : forward_inv K --------------------------------------∗ ⌜(InjLV (InjLV #()) ∉ defs K) ∧ (InjLV (InjRV #()) ∉ defs K) ∧ InjRV (nᵣ, #ℓₓ) ∉ defs K⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
Hdefs: a : val, a ∈ defs K → (v : val) ( : loc), a = InjRV (v, #ℓ)

NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)]) → "Hinv" : forward_inv K --------------------------------------∗ ⌜(InjLV (InjLV #()) ∉ defs K) ∧ (InjLV (InjRV #()) ∉ defs K) ∧ InjRV (nᵣ, #ℓₓ) ∉ defs K⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
Hdefs: a : val, a ∈ defs K → (v : val) ( : loc), a = InjRV (v, #ℓ)

NoDup (defs K) ∧ ( x : val, x ∈ defs K → x ∉ [InjRV (nᵣ, #ℓₓ)]) ∧ NoDup [InjRV (nᵣ, #ℓₓ)] → "Hinv" : forward_inv K --------------------------------------∗ ⌜(InjLV (InjLV #()) ∉ defs K) ∧ (InjLV (InjRV #()) ∉ defs K) ∧ InjRV (nᵣ, #ℓₓ) ∉ defs K⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
Hdefs: a : val, a ∈ defs K → (v : val) ( : loc), a = InjRV (v, #ℓ)
Hinter: x : val, x ∈ defs K → x ∉ [InjRV (nᵣ, #ℓₓ)]

"Hinv" : forward_inv K --------------------------------------∗ ⌜(InjLV (InjLV #()) ∉ defs K) ∧ (InjLV (InjRV #()) ∉ defs K) ∧ InjRV (nᵣ, #ℓₓ) ∉ defs K⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
Hdefs: a : val, a ∈ defs K → (v : val) ( : loc), a = InjRV (v, #ℓ)
Hinter: x : val, x ∈ defs K → x ∉ [InjRV (nᵣ, #ℓₓ)]

(InjLV (InjLV #()) ∉ defs K) ∧ (InjLV (InjRV #()) ∉ defs K) ∧ InjRV (nᵣ, #ℓₓ) ∉ defs K
set_solver. Qed.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context

forward_inv K -∗ ⌜InjLV (InjLV #()) ∉ defs K⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context

forward_inv K -∗ ⌜InjLV (InjLV #()) ∉ defs K⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context

"Hinv" : forward_inv K --------------------------------------∗ ⌜InjLV (InjLV #()) ∉ defs K⌝
by iDestruct (adj_vars_not_in_defs with "Hinv") as %(?&_&_). Qed.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context

forward_inv K -∗ ⌜InjLV (InjRV #()) ∉ defs K⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context

forward_inv K -∗ ⌜InjLV (InjRV #()) ∉ defs K⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context

"Hinv" : forward_inv K --------------------------------------∗ ⌜InjLV (InjRV #()) ∉ defs K⌝
by iDestruct (adj_vars_not_in_defs with "Hinv") as %(_&?&_). Qed.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context

forward_inv K -∗ ⌜InjRV (nᵣ, #ℓₓ) ∉ defs K⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context

forward_inv K -∗ ⌜InjRV (nᵣ, #ℓₓ) ∉ defs K⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context

"Hinv" : forward_inv K --------------------------------------∗ ⌜InjRV (nᵣ, #ℓₓ) ∉ defs K⌝
by iDestruct (adj_vars_not_in_defs with "Hinv") as %(_&_&?). Qed.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K, K₁, K₂: list (val * (Binop * val * val))
x: val
op: Binop
a, b, c: val

c = a ∨ c = b → K = K₁ ++ (x, (op, a, b)) :: K₂ → forward_inv K -∗ ⌜c ∉ x :: defs K₂⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K, K₁, K₂: list (val * (Binop * val * val))
x: val
op: Binop
a, b, c: val

c = a ∨ c = b → K = K₁ ++ (x, (op, a, b)) :: K₂ → forward_inv K -∗ ⌜c ∉ x :: defs K₂⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K₁, K₂: list (val * (Binop * val * val))
x: val
op: Binop
a, b, c: val
Hc: c = a ∨ c = b

forward_inv (K₁ ++ (x, (op, a, b)) :: K₂) -∗ ⌜c ∉ x :: defs K₂⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K₁, K₂: list (val * (Binop * val * val))
x: val
op: Binop
a, b, c: val
Hc: c = a ∨ c = b
Hin: c ∈ x :: defs K₂

"Hinv" : forward_inv (K₁ ++ (x, (op, a, b)) :: K₂) --------------------------------------∗ False
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K₁, K₂: list (val * (Binop * val * val))
x: val
op: Binop
a, b, c: val
Hc: c = a ∨ c = b
Hin: c ∈ x :: defs K₂
Ha₀: InjLV (InjLV #()) ∉ defs (K₁ ++ (x, (op, a, b)) :: K₂)
Ha₁: InjLV (InjRV #()) ∉ defs (K₁ ++ (x, (op, a, b)) :: K₂)
Haₓ: InjRV (nᵣ, #ℓₓ) ∉ defs (K₁ ++ (x, (op, a, b)) :: K₂)

"Hinv" : forward_inv (K₁ ++ (x, (op, a, b)) :: K₂) --------------------------------------∗ False
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K₁, K₂: list (val * (Binop * val * val))
x: val
op: Binop
a, b, c: val
Hc: c = a ∨ c = b
Hin: c ∈ x :: defs K₂
Ha₀: InjLV (InjLV #()) ∉ defs (K₁ ++ (x, (op, a, b)) :: K₂)
Ha₁: InjLV (InjRV #()) ∉ defs (K₁ ++ (x, (op, a, b)) :: K₂)
Haₓ: InjRV (nᵣ, #ℓₓ) ∉ defs (K₁ ++ (x, (op, a, b)) :: K₂)
HNoDup: NoDup (defs (K₁ ++ (x, (op, a, b)) :: K₂) ++ [InjRV (nᵣ, #ℓₓ)])

"Hinv" : forward_inv (K₁ ++ (x, (op, a, b)) :: K₂) --------------------------------------∗ False
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K₁, K₂: list (val * (Binop * val * val))
x: val
op: Binop
a, b, c: val
Hc: c = a ∨ c = b
Hin: c ∈ x :: defs K₂
Ha₀: InjLV (InjLV #()) ∉ defs (K₁ ++ (x, (op, a, b)) :: K₂)
Ha₁: InjLV (InjRV #()) ∉ defs (K₁ ++ (x, (op, a, b)) :: K₂)
Haₓ: InjRV (nᵣ, #ℓₓ) ∉ defs (K₁ ++ (x, (op, a, b)) :: K₂)
HNoDup: NoDup (defs (K₁ ++ (x, (op, a, b)) :: K₂) ++ [InjRV (nᵣ, #ℓₓ)])
H: u : val, u ∈ defs (K₁ ++ (x, (op, a, b)) :: K₂) → vars (Let K₁ ++ (x, (op, a, b)) :: K₂ .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}

--------------------------------------∗ False
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K₁, K₂: list (val * (Binop * val * val))
x: val
op: Binop
a, b, c: val
Hc: c = a ∨ c = b
Hin: c ∈ x :: defs K₂
Ha₀: InjLV (InjLV #()) ∉ defs (K₁ ++ (x, (op, a, b)) :: K₂)
Ha₁: InjLV (InjRV #()) ∉ defs (K₁ ++ (x, (op, a, b)) :: K₂)
Haₓ: InjRV (nᵣ, #ℓₓ) ∉ defs (K₁ ++ (x, (op, a, b)) :: K₂)
HNoDup: NoDup (defs (K₁ ++ (x, (op, a, b)) :: K₂) ++ [InjRV (nᵣ, #ℓₓ)])
Hvars: u : val, u ∈ defs (K₁ ++ (x, (op, a, b)) :: K₂) → vars (Let K₁ ++ (x, (op, a, b)) :: K₂ .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}

--------------------------------------∗ False
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K₁, K₂: list (val * (Binop * val * val))
x: val
op: Binop
a, b, c: val
Hc: c = a ∨ c = b
Hin: c ∈ x :: defs K₂
Ha₀: InjLV (InjLV #()) ∉ defs (K₁ ++ (x, (op, a, b)) :: K₂)
Ha₁: InjLV (InjRV #()) ∉ defs (K₁ ++ (x, (op, a, b)) :: K₂)
Haₓ: InjRV (nᵣ, #ℓₓ) ∉ defs (K₁ ++ (x, (op, a, b)) :: K₂)
HNoDup: NoDup (defs (K₁ ++ (x, (op, a, b)) :: K₂) ++ [InjRV (nᵣ, #ℓₓ)])
Hvars: u : val, u ∈ defs (K₁ ++ (x, (op, a, b)) :: K₂) → vars (Let K₁ ++ (x, (op, a, b)) :: K₂ .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}

False
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K₁, K₂: list (val * (Binop * val * val))
x: val
op: Binop
a, b, c: val
Hc: c = a ∨ c = b
Hin: c ∈ x :: defs K₂
HNoDup: NoDup ((defs K₁ ++ x :: defs K₂) ++ [InjRV (nᵣ, #ℓₓ)])
Hvars: u : val, u ∈ defs K₁ ++ x :: defs K₂ → vars (Let K₁ ++ (x, (op, a, b)) :: K₂ .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Ha₀: InjLV (InjLV #()) ∉ defs K₁ ++ x :: defs K₂
Ha₁: InjLV (InjRV #()) ∉ defs K₁ ++ x :: defs K₂
Haₓ: InjRV (nᵣ, #ℓₓ) ∉ defs K₁ ++ x :: defs K₂

False
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K₁, K₂: list (val * (Binop * val * val))
x: val
op: Binop
a, b, c: val
Hc: c = a ∨ c = b
Hin: c ∈ x :: defs K₂
HNoDup: NoDup ((defs K₁ ++ x :: defs K₂) ++ [InjRV (nᵣ, #ℓₓ)])
Hvars: u : val, u ∈ defs K₁ ++ x :: defs K₂ → vars (Let K₁ ++ (x, (op, a, b)) :: K₂ .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Ha₀: InjLV (InjLV #()) ∉ defs K₁ ++ x :: defs K₂
Ha₁: InjLV (InjRV #()) ∉ defs K₁ ++ x :: defs K₂
Haₓ: InjRV (nᵣ, #ℓₓ) ∉ defs K₁ ++ x :: defs K₂

c ∈ [InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)] → False
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K₁, K₂: list (val * (Binop * val * val))
x: val
op: Binop
a, b, c: val
Hc: c = a ∨ c = b
Hin: c ∈ x :: defs K₂
HNoDup: NoDup ((defs K₁ ++ x :: defs K₂) ++ [InjRV (nᵣ, #ℓₓ)])
Hvars: u : val, u ∈ defs K₁ ++ x :: defs K₂ → vars (Let K₁ ++ (x, (op, a, b)) :: K₂ .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Ha₀: InjLV (InjLV #()) ∉ defs K₁ ++ x :: defs K₂
Ha₁: InjLV (InjRV #()) ∉ defs K₁ ++ x :: defs K₂
Haₓ: InjRV (nᵣ, #ℓₓ) ∉ defs K₁ ++ x :: defs K₂
c ∈ [InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K₁, K₂: list (val * (Binop * val * val))
x: val
op: Binop
a, b, c: val
Hc: c = a ∨ c = b
Hin: c ∈ x :: defs K₂
HNoDup: NoDup ((defs K₁ ++ x :: defs K₂) ++ [InjRV (nᵣ, #ℓₓ)])
Hvars: u : val, u ∈ defs K₁ ++ x :: defs K₂ → vars (Let K₁ ++ (x, (op, a, b)) :: K₂ .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Ha₀: InjLV (InjLV #()) ∉ defs K₁ ++ x :: defs K₂
Ha₁: InjLV (InjRV #()) ∉ defs K₁ ++ x :: defs K₂
Haₓ: InjRV (nᵣ, #ℓₓ) ∉ defs K₁ ++ x :: defs K₂

c ∈ [InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)] → False
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K₁, K₂: list (val * (Binop * val * val))
x: val
op: Binop
a, b, c: val
Hc: c = a ∨ c = b
Hin: c ∈ x :: defs K₂
HNoDup: NoDup ((defs K₁ ++ x :: defs K₂) ++ [InjRV (nᵣ, #ℓₓ)])
Hvars: u : val, u ∈ defs K₁ ++ x :: defs K₂ → vars (Let K₁ ++ (x, (op, a, b)) :: K₂ .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Ha₀: InjLV (InjLV #()) ∉ defs K₁ ++ x :: defs K₂
Ha₁: InjLV (InjRV #()) ∉ defs K₁ ++ x :: defs K₂
Haₓ: InjRV (nᵣ, #ℓₓ) ∉ defs K₁ ++ x :: defs K₂

c = InjLV (InjLV #()) ∨ c = InjLV (InjRV #()) ∨ c = InjRV (nᵣ, #ℓₓ) ∨ FalseFalse
intros [->|[->|[->|]]]; last done; [apply Ha₀|apply Ha₁|apply Haₓ]; rewrite elem_of_app; by right.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K₁, K₂: list (val * (Binop * val * val))
x: val
op: Binop
a, b, c: val
Hc: c = a ∨ c = b
Hin: c ∈ x :: defs K₂
HNoDup: NoDup ((defs K₁ ++ x :: defs K₂) ++ [InjRV (nᵣ, #ℓₓ)])
Hvars: u : val, u ∈ defs K₁ ++ x :: defs K₂ → vars (Let K₁ ++ (x, (op, a, b)) :: K₂ .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Ha₀: InjLV (InjLV #()) ∉ defs K₁ ++ x :: defs K₂
Ha₁: InjLV (InjRV #()) ∉ defs K₁ ++ x :: defs K₂
Haₓ: InjRV (nᵣ, #ℓₓ) ∉ defs K₁ ++ x :: defs K₂

c ∈ [InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K₁, K₂: list (val * (Binop * val * val))
x: val
op: Binop
a, b, c: val
Hc: c = a ∨ c = b
Hin: c ∈ x :: defs K₂
HNoDup: NoDup ((defs K₁ ++ x :: defs K₂) ++ [InjRV (nᵣ, #ℓₓ)])
Hvars: u : val, u ∈ defs K₁ ++ x :: defs K₂ → vars (Let K₁ ++ (x, (op, a, b)) :: K₂ .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Ha₀: InjLV (InjLV #()) ∉ defs K₁ ++ x :: defs K₂
Ha₁: InjLV (InjRV #()) ∉ defs K₁ ++ x :: defs K₂
Haₓ: InjRV (nᵣ, #ℓₓ) ∉ defs K₁ ++ x :: defs K₂

c ∈ [InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K₁, K₂: list (val * (Binop * val * val))
x: val
op: Binop
a, b, c: val
Hc: c = a ∨ c = b
Hin: c ∈ x :: defs K₂
HNoDup: NoDup ((defs K₁ ++ x :: defs K₂) ++ [InjRV (nᵣ, #ℓₓ)])
Hvars: u : val, u ∈ defs K₁ ++ x :: defs K₂ → vars (Let K₁ ++ (x, (op, a, b)) :: K₂ .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Ha₀: InjLV (InjLV #()) ∉ defs K₁ ++ x :: defs K₂
Ha₁: InjLV (InjRV #()) ∉ defs K₁ ++ x :: defs K₂
Haₓ: InjRV (nᵣ, #ℓₓ) ∉ defs K₁ ++ x :: defs K₂

c ∈ ({[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]} : gset val)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K₁, K₂: list (val * (Binop * val * val))
x: val
op: Binop
a, b, c: val
Hc: c = a ∨ c = b
Hin: c ∈ x :: defs K₂
HNoDup: NoDup ((defs K₁ ++ x :: defs K₂) ++ [InjRV (nᵣ, #ℓₓ)])
Hvars: u : val, u ∈ defs K₁ ++ x :: defs K₂ → vars (Let K₁ ++ (x, (op, a, b)) :: K₂ .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Ha₀: InjLV (InjLV #()) ∉ defs K₁ ++ x :: defs K₂
Ha₁: InjLV (InjRV #()) ∉ defs K₁ ++ x :: defs K₂
Haₓ: InjRV (nᵣ, #ℓₓ) ∉ defs K₁ ++ x :: defs K₂

x ∈ defs K₁ ++ x :: defs K₂
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K₁, K₂: list (val * (Binop * val * val))
x: val
op: Binop
a, b, c: val
Hc: c = a ∨ c = b
Hin: c ∈ x :: defs K₂
HNoDup: NoDup ((defs K₁ ++ x :: defs K₂) ++ [InjRV (nᵣ, #ℓₓ)])
Hvars: u : val, u ∈ defs K₁ ++ x :: defs K₂ → vars (Let K₁ ++ (x, (op, a, b)) :: K₂ .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Ha₀: InjLV (InjLV #()) ∉ defs K₁ ++ x :: defs K₂
Ha₁: InjLV (InjRV #()) ∉ defs K₁ ++ x :: defs K₂
Haₓ: InjRV (nᵣ, #ℓₓ) ∉ defs K₁ ++ x :: defs K₂
Hx_in: x ∈ defs K₁ ++ x :: defs K₂
c ∈ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K₁, K₂: list (val * (Binop * val * val))
x: val
op: Binop
a, b, c: val
Hc: c = a ∨ c = b
Hin: c ∈ x :: defs K₂
HNoDup: NoDup ((defs K₁ ++ x :: defs K₂) ++ [InjRV (nᵣ, #ℓₓ)])
Hvars: u : val, u ∈ defs K₁ ++ x :: defs K₂ → vars (Let K₁ ++ (x, (op, a, b)) :: K₂ .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Ha₀: InjLV (InjLV #()) ∉ defs K₁ ++ x :: defs K₂
Ha₁: InjLV (InjRV #()) ∉ defs K₁ ++ x :: defs K₂
Haₓ: InjRV (nᵣ, #ℓₓ) ∉ defs K₁ ++ x :: defs K₂

x ∈ defs K₁ ++ x :: defs K₂
set_solver.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K₁, K₂: list (val * (Binop * val * val))
x: val
op: Binop
a, b, c: val
Hc: c = a ∨ c = b
Hin: c ∈ x :: defs K₂
HNoDup: NoDup ((defs K₁ ++ x :: defs K₂) ++ [InjRV (nᵣ, #ℓₓ)])
Hvars: u : val, u ∈ defs K₁ ++ x :: defs K₂ → vars (Let K₁ ++ (x, (op, a, b)) :: K₂ .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Ha₀: InjLV (InjLV #()) ∉ defs K₁ ++ x :: defs K₂
Ha₁: InjLV (InjRV #()) ∉ defs K₁ ++ x :: defs K₂
Haₓ: InjRV (nᵣ, #ℓₓ) ∉ defs K₁ ++ x :: defs K₂
Hx_in: x ∈ defs K₁ ++ x :: defs K₂

c ∈ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K₁, K₂: list (val * (Binop * val * val))
x: val
op: Binop
a, b, c: val
Hc: c = a ∨ c = b
Hin: c ∈ x :: defs K₂
HNoDup: NoDup ((defs K₁ ++ x :: defs K₂) ++ [InjRV (nᵣ, #ℓₓ)])
Hvars: u : val, u ∈ defs K₁ ++ x :: defs K₂ → vars (Let K₁ ++ (x, (op, a, b)) :: K₂ .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Ha₀: InjLV (InjLV #()) ∉ defs K₁ ++ x :: defs K₂
Ha₁: InjLV (InjRV #()) ∉ defs K₁ ++ x :: defs K₂
Haₓ: InjRV (nᵣ, #ℓₓ) ∉ defs K₁ ++ x :: defs K₂
Hx_in: x ∈ defs K₁ ++ x :: defs K₂

c ∈ vars (Let K₁ ++ (x, (op, a, b)) :: K₂ .in x)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K₁, K₂: list (val * (Binop * val * val))
x: val
op: Binop
a, b, c: val
Hc: c = a ∨ c = b
Hin: c ∈ x :: defs K₂
HNoDup: NoDup ((defs K₁ ++ x :: defs K₂) ++ [InjRV (nᵣ, #ℓₓ)])
Hvars: u : val, u ∈ defs K₁ ++ x :: defs K₂ → vars (Let K₁ ++ (x, (op, a, b)) :: K₂ .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Ha₀: InjLV (InjLV #()) ∉ defs K₁ ++ x :: defs K₂
Ha₁: InjLV (InjRV #()) ∉ defs K₁ ++ x :: defs K₂
Haₓ: InjRV (nᵣ, #ℓₓ) ∉ defs K₁ ++ x :: defs K₂
Hx_in: x ∈ defs K₁ ++ x :: defs K₂

c ∉ defs K₁
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K₁, K₂: list (val * (Binop * val * val))
x: val
op: Binop
a, b, c: val
Hc: c = a ∨ c = b
Hin: c ∈ x :: defs K₂
HNoDup: NoDup ((defs K₁ ++ x :: defs K₂) ++ [InjRV (nᵣ, #ℓₓ)])
Hvars: u : val, u ∈ defs K₁ ++ x :: defs K₂ → vars (Let K₁ ++ (x, (op, a, b)) :: K₂ .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Ha₀: InjLV (InjLV #()) ∉ defs K₁ ++ x :: defs K₂
Ha₁: InjLV (InjRV #()) ∉ defs K₁ ++ x :: defs K₂
Haₓ: InjRV (nᵣ, #ℓₓ) ∉ defs K₁ ++ x :: defs K₂
Hx_in: x ∈ defs K₁ ++ x :: defs K₂
Hc_notin: c ∉ defs K₁
c ∈ vars (Let K₁ ++ (x, (op, a, b)) :: K₂ .in x)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K₁, K₂: list (val * (Binop * val * val))
x: val
op: Binop
a, b, c: val
Hc: c = a ∨ c = b
Hin: c ∈ x :: defs K₂
HNoDup: NoDup ((defs K₁ ++ x :: defs K₂) ++ [InjRV (nᵣ, #ℓₓ)])
Hvars: u : val, u ∈ defs K₁ ++ x :: defs K₂ → vars (Let K₁ ++ (x, (op, a, b)) :: K₂ .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Ha₀: InjLV (InjLV #()) ∉ defs K₁ ++ x :: defs K₂
Ha₁: InjLV (InjRV #()) ∉ defs K₁ ++ x :: defs K₂
Haₓ: InjRV (nᵣ, #ℓₓ) ∉ defs K₁ ++ x :: defs K₂
Hx_in: x ∈ defs K₁ ++ x :: defs K₂

c ∉ defs K₁
destruct Hc as [<-|<-]; intros Hin_K₁; by apply (NoDup_app_12 _ _ (NoDup_app_11 _ _ HNoDup) c).
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K₁, K₂: list (val * (Binop * val * val))
x: val
op: Binop
a, b, c: val
Hc: c = a ∨ c = b
Hin: c ∈ x :: defs K₂
HNoDup: NoDup ((defs K₁ ++ x :: defs K₂) ++ [InjRV (nᵣ, #ℓₓ)])
Hvars: u : val, u ∈ defs K₁ ++ x :: defs K₂ → vars (Let K₁ ++ (x, (op, a, b)) :: K₂ .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Ha₀: InjLV (InjLV #()) ∉ defs K₁ ++ x :: defs K₂
Ha₁: InjLV (InjRV #()) ∉ defs K₁ ++ x :: defs K₂
Haₓ: InjRV (nᵣ, #ℓₓ) ∉ defs K₁ ++ x :: defs K₂
Hx_in: x ∈ defs K₁ ++ x :: defs K₂
Hc_notin: c ∉ defs K₁

c ∈ vars (Let K₁ ++ (x, (op, a, b)) :: K₂ .in x)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K₁, K₂: list (val * (Binop * val * val))
x: val
op: Binop
a, b, c: val
Hc: c = a ∨ c = b
Hin: c ∈ x :: defs K₂
HNoDup: NoDup ((defs K₁ ++ x :: defs K₂) ++ [InjRV (nᵣ, #ℓₓ)])
Hvars: u : val, u ∈ defs K₁ ++ x :: defs K₂ → vars (Let K₁ ++ (x, (op, a, b)) :: K₂ .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Ha₀: InjLV (InjLV #()) ∉ defs K₁ ++ x :: defs K₂
Ha₁: InjLV (InjRV #()) ∉ defs K₁ ++ x :: defs K₂
Haₓ: InjRV (nᵣ, #ℓₓ) ∉ defs K₁ ++ x :: defs K₂
Hx_in: x ∈ defs K₁ ++ x :: defs K₂
Hc_notin: c ∉ defs K₁

c ∈ vars (Node val op (Let K₁ .in a) (Let K₁ .in b))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K₁, K₂: list (val * (Binop * val * val))
x: val
op: Binop
a, b, c: val
Hc: c = a ∨ c = b
Hin: c ∈ x :: defs K₂
HNoDup: NoDup ((defs K₁ ++ x :: defs K₂) ++ [InjRV (nᵣ, #ℓₓ)])
Hvars: u : val, u ∈ defs K₁ ++ x :: defs K₂ → vars (Let K₁ ++ (x, (op, a, b)) :: K₂ .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Ha₀: InjLV (InjLV #()) ∉ defs K₁ ++ x :: defs K₂
Ha₁: InjLV (InjRV #()) ∉ defs K₁ ++ x :: defs K₂
Haₓ: InjRV (nᵣ, #ℓₓ) ∉ defs K₁ ++ x :: defs K₂
Hx_in: x ∈ defs K₁ ++ x :: defs K₂
Hc_notin: c ∉ defs K₁
x ∉ defs K₂
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K₁, K₂: list (val * (Binop * val * val))
x: val
op: Binop
a, b, c: val
Hc: c = a ∨ c = b
Hin: c ∈ x :: defs K₂
HNoDup: NoDup ((defs K₁ ++ x :: defs K₂) ++ [InjRV (nᵣ, #ℓₓ)])
Hvars: u : val, u ∈ defs K₁ ++ x :: defs K₂ → vars (Let K₁ ++ (x, (op, a, b)) :: K₂ .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Ha₀: InjLV (InjLV #()) ∉ defs K₁ ++ x :: defs K₂
Ha₁: InjLV (InjRV #()) ∉ defs K₁ ++ x :: defs K₂
Haₓ: InjRV (nᵣ, #ℓₓ) ∉ defs K₁ ++ x :: defs K₂
Hx_in: x ∈ defs K₁ ++ x :: defs K₂
Hc_notin: c ∉ defs K₁

c ∈ vars (Node val op (Let K₁ .in a) (Let K₁ .in b))
destruct Hc as [<-|<-]; rewrite //= (filling_undefined _ c Hc_notin); set_solver.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K₁, K₂: list (val * (Binop * val * val))
x: val
op: Binop
a, b, c: val
Hc: c = a ∨ c = b
Hin: c ∈ x :: defs K₂
HNoDup: NoDup ((defs K₁ ++ x :: defs K₂) ++ [InjRV (nᵣ, #ℓₓ)])
Hvars: u : val, u ∈ defs K₁ ++ x :: defs K₂ → vars (Let K₁ ++ (x, (op, a, b)) :: K₂ .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Ha₀: InjLV (InjLV #()) ∉ defs K₁ ++ x :: defs K₂
Ha₁: InjLV (InjRV #()) ∉ defs K₁ ++ x :: defs K₂
Haₓ: InjRV (nᵣ, #ℓₓ) ∉ defs K₁ ++ x :: defs K₂
Hx_in: x ∈ defs K₁ ++ x :: defs K₂
Hc_notin: c ∉ defs K₁

x ∉ defs K₂
by specialize (NoDup_cons_middle _ _ _ (NoDup_app_11 _ _ HNoDup)) as (_&_&_&?&_). } Qed.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K, K₁, K₂: list (val * (Binop * val * val))
x: val
op: Binop
a, b: val

K = K₁ ++ (x, (op, a, b)) :: K₂ → forward_inv K -∗ ⌜a ∉ x :: defs K₂⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K, K₁, K₂: list (val * (Binop * val * val))
x: val
op: Binop
a, b: val

K = K₁ ++ (x, (op, a, b)) :: K₂ → forward_inv K -∗ ⌜a ∉ x :: defs K₂⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K, K₁, K₂: list (val * (Binop * val * val))
x: val
op: Binop
a, b: val

a = a ∨ a = b
by left. Qed.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K, K₁, K₂: list (val * (Binop * val * val))
x: val
op: Binop
a, b: val

K = K₁ ++ (x, (op, a, b)) :: K₂ → forward_inv K -∗ ⌜b ∉ x :: defs K₂⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K, K₁, K₂: list (val * (Binop * val * val))
x: val
op: Binop
a, b: val

K = K₁ ++ (x, (op, a, b)) :: K₂ → forward_inv K -∗ ⌜b ∉ x :: defs K₂⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K, K₁, K₂: list (val * (Binop * val * val))
x: val
op: Binop
a, b: val

b = a ∨ b = b
by right. Qed.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
x: val
op: Binop
el, er: Expr ()

forward_inv K -∗ verification.represents γ ℓₓ nᵣ x (Node () op el er) -∗ forward_inv K ∗ ( a b : val, verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er ∗ ⌜(x, (op, a, b)) ∈ K⌝)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
x: val
op: Binop
el, er: Expr ()

forward_inv K -∗ verification.represents γ ℓₓ nᵣ x (Node () op el er) -∗ forward_inv K ∗ ( a b : val, verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er ∗ ⌜(x, (op, a, b)) ∈ K⌝)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
x: val
op: Binop
el, er: Expr ()

"Hauth" : is_current_context γ K "Hrest" : ⌜ u : val, u ∈ defs K → vars (Let K .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}⌝ ∗ ([∗ list] u ∈ (defs K ++ [InjRV (nᵣ, #ℓₓ)]), (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝) --------------------------------------∗ verification.represents γ ℓₓ nᵣ x (Node () op el er) -∗ forward_inv K ∗ ( a b : val, verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er ∗ ⌜(x, (op, a, b)) ∈ K⌝)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
x: val
op: Binop
el, er: Expr ()

"Hauth" : is_current_context γ K "Hrest" : ⌜ u : val, u ∈ defs K → vars (Let K .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}⌝ ∗ ([∗ list] u ∈ (defs K ++ [InjRV (nᵣ, #ℓₓ)]), (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝) --------------------------------------∗ ( a b : val, is_entry γ x (op, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) -∗ forward_inv K ∗ ( a b : val, verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er ∗ ⌜(x, (op, a, b)) ∈ K⌝)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
x: val
op: Binop
el, er: Expr ()
a, b: val

"Hauth" : is_current_context γ K "Hrest" : ⌜ u : val, u ∈ defs K → vars (Let K .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}⌝ ∗ ([∗ list] u ∈ (defs K ++ [InjRV (nᵣ, #ℓₓ)]), (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝) "Hfrag" : is_entry γ x (op, a, b) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er --------------------------------------∗ forward_inv K ∗ ( a b : val, verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er ∗ ⌜(x, (op, a, b)) ∈ K⌝)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
x: val
op: Binop
el, er: Expr ()
a, b: val
Hlkp: context_to_map K !! x = Some (op, a, b)

"Hauth" : is_current_context γ K "Hrest" : ⌜ u : val, u ∈ defs K → vars (Let K .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}⌝ ∗ ([∗ list] u ∈ (defs K ++ [InjRV (nᵣ, #ℓₓ)]), (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝) "Hfrag" : is_entry γ x (op, a, b) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er --------------------------------------∗ forward_inv K ∗ ( a b : val, verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er ∗ ⌜(x, (op, a, b)) ∈ K⌝)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
x: val
op: Binop
el, er: Expr ()
a, b: val
Hlkp: context_to_map K !! x = Some (op, a, b)

"Hfrag" : is_entry γ x (op, a, b) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er --------------------------------------∗ a b : val, verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er ∗ ⌜(x, (op, a, b)) ∈ K⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
x: val
op: Binop
el, er: Expr ()
a, b: val
Hlkp: context_to_map K !! x = Some (op, a, b)

"Hfrag" : is_entry γ x (op, a, b) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er --------------------------------------∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er ∗ ⌜(x, (op, a, b)) ∈ K⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
x: val
op: Binop
el, er: Expr ()
a, b: val
Hlkp: context_to_map K !! x = Some (op, a, b)

"Hfrag" : is_entry γ x (op, a, b) --------------------------------------∗ ⌜(x, (op, a, b)) ∈ K⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
x: val
op: Binop
el, er: Expr ()
a, b: val
Hlkp: context_to_map K !! x = Some (op, a, b)

(x, (op, a, b)) ∈ K
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
x: val
op: Binop
el, er: Expr ()
a, b: val
Hlkp: context_to_map K !! x = Some (op, a, b)

(x, (op, a, b)) ∈ reverse K
by apply (elem_of_list_to_map_2 (K:=val) (M:=gmap val)). Qed.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
x: val
op: Binop
el, er: Expr ()

forward_inv K -∗ verification.represents γ ℓₓ nᵣ x (Node () op el er) -∗ ⌜x ∈ defs K⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
x: val
op: Binop
el, er: Expr ()

forward_inv K -∗ verification.represents γ ℓₓ nᵣ x (Node () op el er) -∗ ⌜x ∈ defs K⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
x: val
op: Binop
el, er: Expr ()

"Hinv" : forward_inv K "Hx" : verification.represents γ ℓₓ nᵣ x (Node () op el er) --------------------------------------∗ ⌜x ∈ defs K⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
x: val
op: Binop
el, er: Expr ()

"Hin" : a b : val, verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er ∗ ⌜(x, (op, a, b)) ∈ K⌝ --------------------------------------∗ ⌜x ∈ defs K⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
x: val
op: Binop
el, er: Expr ()
a, b: val
H: (x, (op, a, b)) ∈ K

--------------------------------------∗ ⌜x ∈ defs K⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
x: val
op: Binop
el, er: Expr ()
a, b: val
H: (x, (op, a, b)) ∈ K

x ∈ defs K
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
x: val
op: Binop
el, er: Expr ()
a, b: val
H: (x, (op, a, b)) ∈ K

y : val * node, x = y.1 ∧ y ∈ K
by exists (x, (op, a, b)). Qed.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
u: val
e: Expr ()

forward_inv K -∗ verification.represents γ ℓₓ nᵣ u e -∗ ⌜u ∈ defs K ++ [InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
u: val
e: Expr ()

forward_inv K -∗ verification.represents γ ℓₓ nᵣ u e -∗ ⌜u ∈ defs K ++ [InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
u: val
e: Expr ()

"Hinv" : forward_inv K "Hu" : verification.represents γ ℓₓ nᵣ u e --------------------------------------∗ ⌜u ∈ defs K ++ [InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
u: val
op: Binop
el, er: Expr ()

"Hinv" : forward_inv K "Hu" : verification.represents γ ℓₓ nᵣ u (Node () op el er) --------------------------------------∗ ⌜u ∈ defs K ++ [InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
u: val
op: Binop
el, er: Expr ()
Hin: u ∈ defs K

"Hinv" : forward_inv K "Hu" : verification.represents γ ℓₓ nᵣ u (Node () op el er) --------------------------------------∗ ⌜u ∈ defs K ++ [InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
u: val
op: Binop
el, er: Expr ()
Hin: u ∈ defs K

u ∈ defs K ++ [InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
u: val
op: Binop
el, er: Expr ()
Hin: u ∈ defs K

u ∈ defs K ∨ u ∈ [InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]
by left. Qed.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
u: val
e: Expr ()

forward_inv K -∗ verification.represents γ ℓₓ nᵣ u e -∗ ⌜u ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] ∨ u = InjLV (InjLV #()) ∨ u = InjLV (InjRV #())⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
u: val
e: Expr ()

forward_inv K -∗ verification.represents γ ℓₓ nᵣ u e -∗ ⌜u ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] ∨ u = InjLV (InjLV #()) ∨ u = InjLV (InjRV #())⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
u: val
e: Expr ()

"Hinv" : forward_inv K "Hu" : verification.represents γ ℓₓ nᵣ u e --------------------------------------∗ ⌜u ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] ∨ u = InjLV (InjLV #()) ∨ u = InjLV (InjRV #())⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
u: val
e: Expr ()
Hu: u ∈ defs K ++ [InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]

"Hinv" : forward_inv K "Hu" : verification.represents γ ℓₓ nᵣ u e --------------------------------------∗ ⌜u ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] ∨ u = InjLV (InjLV #()) ∨ u = InjLV (InjRV #())⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
u: val
e: Expr ()
Hu: u ∈ defs K ++ [InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]

u ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] ∨ u = InjLV (InjLV #()) ∨ u = InjLV (InjRV #())
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
u: val
e: Expr ()

u ∈ defs K ∨ u = InjLV (InjLV #()) ∨ u = InjLV (InjRV #()) ∨ u = InjRV (nᵣ, #ℓₓ) ∨ False → (u ∈ defs K ∨ u = InjRV (nᵣ, #ℓₓ) ∨ False) ∨ u = InjLV (InjLV #()) ∨ u = InjLV (InjRV #())
naive_solver. Qed.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ, u: val

u ∈ [InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)] → u = InjLV (InjLV #()) ∨ u = InjLV (InjRV #()) ∨ u = InjRV (nᵣ, #ℓₓ)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ, u: val

u ∈ [InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)] → u = InjLV (InjLV #()) ∨ u = InjLV (InjRV #()) ∨ u = InjRV (nᵣ, #ℓₓ)
by rewrite !elem_of_cons elem_of_nil; naive_solver. Qed.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
u: val
e: Expr ()

forward_inv K -∗ verification.represents γ ℓₓ nᵣ u e -∗ ⌜vars (Let K .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
u: val
e: Expr ()

forward_inv K -∗ verification.represents γ ℓₓ nᵣ u e -∗ ⌜vars (Let K .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
u: val
e: Expr ()

"Hu" : verification.represents γ ℓₓ nᵣ u e --------------------------------------□ "Hinv" : forward_inv K --------------------------------------∗ ⌜vars (Let K .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
u: val
e: Expr ()
Ha₀: InjLV (InjLV #()) ∉ defs K

"Hu" : verification.represents γ ℓₓ nᵣ u e --------------------------------------□ "Hinv" : forward_inv K --------------------------------------∗ ⌜vars (Let K .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
u: val
e: Expr ()
Ha₀: InjLV (InjLV #()) ∉ defs K
Ha₁: InjLV (InjRV #()) ∉ defs K

"Hu" : verification.represents γ ℓₓ nᵣ u e --------------------------------------□ "Hinv" : forward_inv K --------------------------------------∗ ⌜vars (Let K .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
u: val
e: Expr ()
Ha₀: InjLV (InjLV #()) ∉ defs K
Ha₁: InjLV (InjRV #()) ∉ defs K
Haₓ: InjRV (nᵣ, #ℓₓ) ∉ defs K

"Hu" : verification.represents γ ℓₓ nᵣ u e --------------------------------------□ "Hinv" : forward_inv K --------------------------------------∗ ⌜vars (Let K .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
u: val
e: Expr ()
Ha₀: InjLV (InjLV #()) ∉ defs K
Ha₁: InjLV (InjRV #()) ∉ defs K
Haₓ: InjRV (nᵣ, #ℓₓ) ∉ defs K
Hu: u ∈ defs K

"Hu" : verification.represents γ ℓₓ nᵣ u e --------------------------------------□ "Hinv" : forward_inv K --------------------------------------∗ ⌜vars (Let K .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
u: val
e: Expr ()
Ha₀: InjLV (InjLV #()) ∉ defs K
Ha₁: InjLV (InjRV #()) ∉ defs K
Haₓ: InjRV (nᵣ, #ℓₓ) ∉ defs K
Hu: u ∈ defs K
H: u : val, u ∈ defs K → vars (Let K .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}

"Hu" : verification.represents γ ℓₓ nᵣ u e --------------------------------------□ ⌜vars (Let K .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
u: val
e: Expr ()
Ha₀: InjLV (InjLV #()) ∉ defs K
Ha₁: InjLV (InjRV #()) ∉ defs K
Haₓ: InjRV (nᵣ, #ℓₓ) ∉ defs K
Hu: u ∈ defs K
Hvars: u : val, u ∈ defs K → vars (Let K .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}

"Hu" : verification.represents γ ℓₓ nᵣ u e --------------------------------------□ ⌜vars (Let K .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
u: val
e: Expr ()
Ha₀: InjLV (InjLV #()) ∉ defs K
Ha₁: InjLV (InjRV #()) ∉ defs K
Haₓ: InjRV (nᵣ, #ℓₓ) ∉ defs K
Hu: u ∈ defs K
Hvars: u : val, u ∈ defs K → vars (Let K .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}

vars (Let K .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
by apply Hvars. Qed.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()

(f := Leaf val .{[ InjLV (InjLV #()) := Oₑ]}) (g := Leaf val .{[ InjLV (InjRV #()) := Iₑ]}) (K₁ : list (val * node)) (K₂ : context) (u : val), u ∉ defs K₂ → forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u e -∗ ⌜e = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()

(f := Leaf val .{[ InjLV (InjLV #()) := Oₑ]}) (g := Leaf val .{[ InjLV (InjRV #()) := Iₑ]}) (K₁ : list (val * node)) (K₂ : context) (u : val), u ∉ defs K₂ → forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u e -∗ ⌜e = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val

(K₁ : list (val * node)) (K₂ : context) (u : val), u ∉ defs K₂ → forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u e -∗ ⌜e = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val

(K₁ : list (val * node)) (K₂ : context) (u : val), u ∉ defs K₂ → forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u (Oₑ) -∗ ⌜Oₑ = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
(K₁ : list (val * node)) (K₂ : context) (u : val), u ∉ defs K₂ → forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u (Iₑ) -∗ ⌜Iₑ = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
(K₁ : list (val * node)) (K₂ : context) (u : val), u ∉ defs K₂ → forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u (Xₑ) -∗ ⌜Xₑ = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
op: Binop
e1, e2: Expr ()
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
IHl: (K₁ : list (val * node)) (K₂ : context) (u : val), u ∉ defs K₂ → forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u e1 -∗ ⌜e1 = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
IHr: (K₁ : list (val * node)) (K₂ : context) (u : val), u ∉ defs K₂ → forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u e2 -∗ ⌜e2 = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
(K₁ : list (val * node)) (K₂ : context) (u : val), u ∉ defs K₂ → forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u (Node () op e1 e2) -∗ ⌜Node () op e1 e2 = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val

(K₁ : list (val * node)) (K₂ : context) (u : val), u ∉ defs K₂ → forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u (Oₑ) -∗ ⌜Oₑ = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
K₁: list (val * node)
K₂: context
u: val
Hnot_in: u ∉ defs K₂

forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u (Oₑ) -∗ ⌜Oₑ = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
K₁: list (val * node)
K₂: context
Hnot_in: InjLV (InjLV #()) ∉ defs K₂

"Hinv" : forward_inv (K₁ ++ K₂) --------------------------------------∗ ⌜Oₑ = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in InjLV (InjLV #()))))⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
K₁: list (val * node)
K₂: context
Hnot_in: InjLV (InjLV #()) ∉ defs K₂
Hℓ₀: InjLV (InjLV #()) ∉ defs (K₁ ++ K₂)

"Hinv" : forward_inv (K₁ ++ K₂) --------------------------------------∗ ⌜Oₑ = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in InjLV (InjLV #()))))⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
K₁: list (val * node)
K₂: context
Hnot_in: InjLV (InjLV #()) ∉ defs K₂
Hℓ₀: InjLV (InjLV #()) ∉ defs (K₁ ++ K₂)

Oₑ = map (λ _ : val, ()) (bind f (bind g (Let K₁ .in InjLV (InjLV #()))))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
K₁: list (val * node)
K₂: context
Hnot_in: InjLV (InjLV #()) ∉ defs K₂
Hℓ₀: InjLV (InjLV #()) ∉ defs (K₁ ++ K₂)

Oₑ = map (λ _ : val, ()) (bind f (bind g (Leaf val (InjLV (InjLV #())))))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
K₁: list (val * node)
K₂: context
Hnot_in: InjLV (InjLV #()) ∉ defs K₂
Hℓ₀: InjLV (InjLV #()) ∉ defs (K₁ ++ K₂)

Oₑ = map (λ _ : val, ()) (bind f (g (InjLV (InjLV #()))))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
K₁: list (val * node)
K₂: context
Hnot_in: InjLV (InjLV #()) ∉ defs K₂
Hℓ₀: InjLV (InjLV #()) ∉ defs (K₁ ++ K₂)

Oₑ = map (λ _ : val, ()) (bind (Leaf val .{[ InjLV (InjLV #()) := Oₑ]}) ((Leaf val .{[ InjLV (InjRV #()) := Iₑ]}) (InjLV (InjLV #()))))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
K₁: list (val * node)
K₂: context
Hnot_in: InjLV (InjLV #()) ∉ defs K₂
Hℓ₀: InjLV (InjLV #()) ∉ defs (K₁ ++ K₂)

Oₑ = map (λ _ : val, ()) (bind (Leaf val .{[ InjLV (InjLV #()) := Oₑ]}) (Leaf val (InjLV (InjLV #()))))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
K₁: list (val * node)
K₂: context
Hnot_in: InjLV (InjLV #()) ∉ defs K₂
Hℓ₀: InjLV (InjLV #()) ∉ defs (K₁ ++ K₂)

Oₑ = map (λ _ : val, ()) ((Leaf val .{[ InjLV (InjLV #()) := Oₑ]}) (InjLV (InjLV #())))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
K₁: list (val * node)
K₂: context
Hnot_in: InjLV (InjLV #()) ∉ defs K₂
Hℓ₀: InjLV (InjLV #()) ∉ defs (K₁ ++ K₂)

Oₑ = map (λ _ : val, ()) (Oₑ)
done.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val

(K₁ : list (val * node)) (K₂ : context) (u : val), u ∉ defs K₂ → forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u (Iₑ) -∗ ⌜Iₑ = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
(K₁ : list (val * node)) (K₂ : context) (u : val), u ∉ defs K₂ → forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u (Xₑ) -∗ ⌜Xₑ = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
op: Binop
e1, e2: Expr ()
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
IHl: (K₁ : list (val * node)) (K₂ : context) (u : val), u ∉ defs K₂ → forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u e1 -∗ ⌜e1 = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
IHr: (K₁ : list (val * node)) (K₂ : context) (u : val), u ∉ defs K₂ → forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u e2 -∗ ⌜e2 = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
(K₁ : list (val * node)) (K₂ : context) (u : val), u ∉ defs K₂ → forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u (Node () op e1 e2) -∗ ⌜Node () op e1 e2 = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val

(K₁ : list (val * node)) (K₂ : context) (u : val), u ∉ defs K₂ → forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u (Iₑ) -∗ ⌜Iₑ = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
K₁: list (val * node)
K₂: context
u: val
Hnot_in: u ∉ defs K₂

forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u (Iₑ) -∗ ⌜Iₑ = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
K₁: list (val * node)
K₂: context
Hnot_in: InjLV (InjRV #()) ∉ defs K₂

"Hinv" : forward_inv (K₁ ++ K₂) --------------------------------------∗ ⌜Iₑ = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in InjLV (InjRV #()))))⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
K₁: list (val * node)
K₂: context
Hnot_in: InjLV (InjRV #()) ∉ defs K₂
Hℓ₁: InjLV (InjRV #()) ∉ defs (K₁ ++ K₂)

"Hinv" : forward_inv (K₁ ++ K₂) --------------------------------------∗ ⌜Iₑ = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in InjLV (InjRV #()))))⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
K₁: list (val * node)
K₂: context
Hnot_in: InjLV (InjRV #()) ∉ defs K₂
Hℓ₁: InjLV (InjRV #()) ∉ defs (K₁ ++ K₂)

Iₑ = map (λ _ : val, ()) (bind f (bind g (Let K₁ .in InjLV (InjRV #()))))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
K₁: list (val * node)
K₂: context
Hnot_in: InjLV (InjRV #()) ∉ defs K₂
Hℓ₁: InjLV (InjRV #()) ∉ defs (K₁ ++ K₂)

Iₑ = map (λ _ : val, ()) (bind f (bind g (Leaf val (InjLV (InjRV #())))))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
K₁: list (val * node)
K₂: context
Hnot_in: InjLV (InjRV #()) ∉ defs K₂
Hℓ₁: InjLV (InjRV #()) ∉ defs (K₁ ++ K₂)

Iₑ = map (λ _ : val, ()) (bind f (g (InjLV (InjRV #()))))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
K₁: list (val * node)
K₂: context
Hnot_in: InjLV (InjRV #()) ∉ defs K₂
Hℓ₁: InjLV (InjRV #()) ∉ defs (K₁ ++ K₂)

Iₑ = map (λ _ : val, ()) (bind (Leaf val .{[ InjLV (InjLV #()) := Oₑ]}) ((Leaf val .{[ InjLV (InjRV #()) := Iₑ]}) (InjLV (InjRV #()))))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
K₁: list (val * node)
K₂: context
Hnot_in: InjLV (InjRV #()) ∉ defs K₂
Hℓ₁: InjLV (InjRV #()) ∉ defs (K₁ ++ K₂)

Iₑ = map (λ _ : val, ()) (bind (Leaf val .{[ InjLV (InjLV #()) := Oₑ]}) (Iₑ))
done.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val

(K₁ : list (val * node)) (K₂ : context) (u : val), u ∉ defs K₂ → forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u (Xₑ) -∗ ⌜Xₑ = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
op: Binop
e1, e2: Expr ()
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
IHl: (K₁ : list (val * node)) (K₂ : context) (u : val), u ∉ defs K₂ → forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u e1 -∗ ⌜e1 = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
IHr: (K₁ : list (val * node)) (K₂ : context) (u : val), u ∉ defs K₂ → forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u e2 -∗ ⌜e2 = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
(K₁ : list (val * node)) (K₂ : context) (u : val), u ∉ defs K₂ → forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u (Node () op e1 e2) -∗ ⌜Node () op e1 e2 = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val

(K₁ : list (val * node)) (K₂ : context) (u : val), u ∉ defs K₂ → forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u (Xₑ) -∗ ⌜Xₑ = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
K₁: list (val * node)
K₂: context
u: val
Hnot_in: u ∉ defs K₂

forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u (Xₑ) -∗ ⌜Xₑ = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
K₁: list (val * node)
K₂: context
Hnot_in: InjRV (nᵣ, #ℓₓ) ∉ defs K₂

"Hinv" : forward_inv (K₁ ++ K₂) --------------------------------------∗ ⌜Xₑ = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in InjRV (nᵣ, #ℓₓ))))⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
K₁: list (val * node)
K₂: context
Hnot_in: InjRV (nᵣ, #ℓₓ) ∉ defs K₂
Hℓₓ: InjRV (nᵣ, #ℓₓ) ∉ defs (K₁ ++ K₂)

"Hinv" : forward_inv (K₁ ++ K₂) --------------------------------------∗ ⌜Xₑ = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in InjRV (nᵣ, #ℓₓ))))⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
K₁: list (val * node)
K₂: context
Hnot_in: InjRV (nᵣ, #ℓₓ) ∉ defs K₂
Hℓₓ: InjRV (nᵣ, #ℓₓ) ∉ defs (K₁ ++ K₂)

Xₑ = map (λ _ : val, ()) (bind f (bind g (Let K₁ .in InjRV (nᵣ, #ℓₓ))))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
K₁: list (val * node)
K₂: context
Hnot_in: InjRV (nᵣ, #ℓₓ) ∉ defs K₂
Hℓₓ: InjRV (nᵣ, #ℓₓ) ∉ defs (K₁ ++ K₂)

Xₑ = map (λ _ : val, ()) (bind f (bind g (Leaf val (InjRV (nᵣ, #ℓₓ)))))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
K₁: list (val * node)
K₂: context
Hnot_in: InjRV (nᵣ, #ℓₓ) ∉ defs K₂
Hℓₓ: InjRV (nᵣ, #ℓₓ) ∉ defs (K₁ ++ K₂)

Xₑ = map (λ _ : val, ()) (bind f (g (InjRV (nᵣ, #ℓₓ))))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
K₁: list (val * node)
K₂: context
Hnot_in: InjRV (nᵣ, #ℓₓ) ∉ defs K₂
Hℓₓ: InjRV (nᵣ, #ℓₓ) ∉ defs (K₁ ++ K₂)

Xₑ = map (λ _ : val, ()) (bind (Leaf val .{[ InjLV (InjLV #()) := Oₑ]}) ((Leaf val .{[ InjLV (InjRV #()) := Iₑ]}) (InjRV (nᵣ, #ℓₓ))))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
K₁: list (val * node)
K₂: context
Hnot_in: InjRV (nᵣ, #ℓₓ) ∉ defs K₂
Hℓₓ: InjRV (nᵣ, #ℓₓ) ∉ defs (K₁ ++ K₂)

Xₑ = map (λ _ : val, ()) (bind (Leaf val .{[ InjLV (InjLV #()) := Oₑ]}) (Leaf val (InjRV (nᵣ, #ℓₓ))))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
K₁: list (val * node)
K₂: context
Hnot_in: InjRV (nᵣ, #ℓₓ) ∉ defs K₂
Hℓₓ: InjRV (nᵣ, #ℓₓ) ∉ defs (K₁ ++ K₂)

Xₑ = map (λ _ : val, ()) ((Leaf val .{[ InjLV (InjLV #()) := Oₑ]}) (InjRV (nᵣ, #ℓₓ)))
rewrite overwrite_neq; done.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
op: Binop
e1, e2: Expr ()
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
IHl: (K₁ : list (val * node)) (K₂ : context) (u : val), u ∉ defs K₂ → forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u e1 -∗ ⌜e1 = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
IHr: (K₁ : list (val * node)) (K₂ : context) (u : val), u ∉ defs K₂ → forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u e2 -∗ ⌜e2 = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝

(K₁ : list (val * node)) (K₂ : context) (u : val), u ∉ defs K₂ → forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u (Node () op e1 e2) -∗ ⌜Node () op e1 e2 = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
op: Binop
e1, e2: Expr ()
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
IHl: (K₁ : list (val * node)) (K₂ : context) (u : val), u ∉ defs K₂ → forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u e1 -∗ ⌜e1 = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
IHr: (K₁ : list (val * node)) (K₂ : context) (u : val), u ∉ defs K₂ → forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u e2 -∗ ⌜e2 = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝

(K₁ : list (val * node)) (K₂ : context) (u : val), u ∉ defs K₂ → forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u (Node () op e1 e2) -∗ ⌜Node () op e1 e2 = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
op: Binop
e1, e2: Expr ()
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
IHl: (K₁ : list (val * node)) (K₂ : context) (u : val), u ∉ defs K₂ → forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u e1 -∗ ⌜e1 = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
IHr: (K₁ : list (val * node)) (K₂ : context) (u : val), u ∉ defs K₂ → forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u e2 -∗ ⌜e2 = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
K₁: list (val * node)
K₂: context
u: val
Hnot_in: u ∉ defs K₂

forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u (Node () op e1 e2) -∗ ⌜Node () op e1 e2 = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
op: Binop
e1, e2: Expr ()
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
IHl: (K₁ : list (val * node)) (K₂ : context) (u : val), u ∉ defs K₂ → forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u e1 -∗ ⌜e1 = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
IHr: (K₁ : list (val * node)) (K₂ : context) (u : val), u ∉ defs K₂ → forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u e2 -∗ ⌜e2 = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
K₁: list (val * node)
K₂: context
u: val
Hnot_in: u ∉ defs K₂

"Hinv" : forward_inv (K₁ ++ K₂) "Hrepr" : verification.represents γ ℓₓ nᵣ u (Node () op e1 e2) --------------------------------------∗ ⌜Node () op e1 e2 = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
op: Binop
e1, e2: Expr ()
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
IHl: (K₁ : list (val * node)) (K₂ : context) (u : val), u ∉ defs K₂ → forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u e1 -∗ ⌜e1 = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
IHr: (K₁ : list (val * node)) (K₂ : context) (u : val), u ∉ defs K₂ → forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u e2 -∗ ⌜e2 = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
K₁: list (val * node)
K₂: context
u: val
Hnot_in: u ∉ defs K₂
HNoDup: NoDup (defs (K₁ ++ K₂))

"Hinv" : forward_inv (K₁ ++ K₂) "Hrepr" : verification.represents γ ℓₓ nᵣ u (Node () op e1 e2) --------------------------------------∗ ⌜Node () op e1 e2 = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
op: Binop
e1, e2: Expr ()
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
IHl: (K₁ : list (val * node)) (K₂ : context) (u : val), u ∉ defs K₂ → forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u e1 -∗ ⌜e1 = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
IHr: (K₁ : list (val * node)) (K₂ : context) (u : val), u ∉ defs K₂ → forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u e2 -∗ ⌜e2 = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
K₁: list (val * node)
K₂: context
u: val
Hnot_in: u ∉ defs K₂
HNoDup: NoDup (defs (K₁ ++ K₂))

"Hinv" : forward_inv (K₁ ++ K₂) "Hrepr" : a b : val, verification.represents γ ℓₓ nᵣ a e1 ∗ verification.represents γ ℓₓ nᵣ b e2 ∗ ⌜(u, (op, a, b)) ∈ K₁ ++ K₂⌝ --------------------------------------∗ ⌜Node () op e1 e2 = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
op: Binop
e1, e2: Expr ()
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
IHl: (K₁ : list (val * node)) (K₂ : context) (u : val), u ∉ defs K₂ → forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u e1 -∗ ⌜e1 = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
IHr: (K₁ : list (val * node)) (K₂ : context) (u : val), u ∉ defs K₂ → forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u e2 -∗ ⌜e2 = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
K₁: list (val * node)
K₂: context
u: val
Hnot_in: u ∉ defs K₂
HNoDup: NoDup (defs (K₁ ++ K₂))
a, b: val
H: (u, (op, a, b)) ∈ K₁ ++ K₂

"Hinv" : forward_inv (K₁ ++ K₂) "Ha" : verification.represents γ ℓₓ nᵣ a e1 "Hb" : verification.represents γ ℓₓ nᵣ b e2 --------------------------------------∗ ⌜Node () op e1 e2 = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
op: Binop
e1, e2: Expr ()
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
IHl: (K₁ : list (val * node)) (K₂ : context) (u : val), u ∉ defs K₂ → forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u e1 -∗ ⌜e1 = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
IHr: (K₁ : list (val * node)) (K₂ : context) (u : val), u ∉ defs K₂ → forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u e2 -∗ ⌜e2 = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
K₁: list (val * node)
K₂: context
u: val
Hnot_in: u ∉ defs K₂
HNoDup: NoDup (defs (K₁ ++ K₂))
a, b: val
Hin: (u, (op, a, b)) ∈ K₁ ++ K₂

"Hinv" : forward_inv (K₁ ++ K₂) "Ha" : verification.represents γ ℓₓ nᵣ a e1 "Hb" : verification.represents γ ℓₓ nᵣ b e2 --------------------------------------∗ ⌜Node () op e1 e2 = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
op: Binop
e1, e2: Expr ()
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
IHl: (K₁ : list (val * node)) (K₂ : context) (u : val), u ∉ defs K₂ → forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u e1 -∗ ⌜e1 = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
IHr: (K₁ : list (val * node)) (K₂ : context) (u : val), u ∉ defs K₂ → forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u e2 -∗ ⌜e2 = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
K₁: list (val * node)
K₂: context
u: val
Hnot_in: u ∉ defs K₂
HNoDup: NoDup (defs (K₁ ++ K₂))
a, b: val

(u, (op, a, b)) ∈ K₁ ++ K₂ → "Hinv" : forward_inv (K₁ ++ K₂) "Ha" : verification.represents γ ℓₓ nᵣ a e1 "Hb" : verification.represents γ ℓₓ nᵣ b e2 --------------------------------------∗ ⌜Node () op e1 e2 = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
op: Binop
e1, e2: Expr ()
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
IHl: (K₁ : list (val * node)) (K₂ : context) (u : val), u ∉ defs K₂ → forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u e1 -∗ ⌜e1 = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
IHr: (K₁ : list (val * node)) (K₂ : context) (u : val), u ∉ defs K₂ → forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u e2 -∗ ⌜e2 = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
K₁: list (val * node)
K₂: context
u: val
Hnot_in: u ∉ defs K₂
HNoDup: NoDup (defs (K₁ ++ K₂))
a, b: val

(u, (op, a, b)) ∈ K₁ ∨ (u, (op, a, b)) ∈ K₂ → "Hinv" : forward_inv (K₁ ++ K₂) "Ha" : verification.represents γ ℓₓ nᵣ a e1 "Hb" : verification.represents γ ℓₓ nᵣ b e2 --------------------------------------∗ ⌜Node () op e1 e2 = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
op: Binop
e1, e2: Expr ()
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
IHl: (K₁ : list (val * node)) (K₂ : context) (u : val), u ∉ defs K₂ → forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u e1 -∗ ⌜e1 = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
IHr: (K₁ : list (val * node)) (K₂ : context) (u : val), u ∉ defs K₂ → forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u e2 -∗ ⌜e2 = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
K₁: list (val * node)
K₂: context
u: val
Hnot_in: u ∉ defs K₂
HNoDup: NoDup (defs (K₁ ++ K₂))
a, b: val
Hin: (u, (op, a, b)) ∈ K₁

"Hinv" : forward_inv (K₁ ++ K₂) "Ha" : verification.represents γ ℓₓ nᵣ a e1 "Hb" : verification.represents γ ℓₓ nᵣ b e2 --------------------------------------∗ ⌜Node () op e1 e2 = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
op: Binop
e1, e2: Expr ()
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
IHl: (K₁ : list (val * node)) (K₂ : context) (u : val), u ∉ defs K₂ → forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u e1 -∗ ⌜e1 = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
IHr: (K₁ : list (val * node)) (K₂ : context) (u : val), u ∉ defs K₂ → forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u e2 -∗ ⌜e2 = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
K₂: context
u: val
Hnot_in: u ∉ defs K₂
a, b: val
K₁₁, K₁₂: list (val * (Binop * val * val))
Hin: (u, (op, a, b)) ∈ K₁₁ ++ (u, (op, a, b)) :: K₁₂
HNoDup: NoDup (defs ((K₁₁ ++ (u, (op, a, b)) :: K₁₂) ++ K₂))
Hnot_in': (u, (op, a, b)) ∉ K₁₂

"Hinv" : forward_inv ((K₁₁ ++ (u, (op, a, b)) :: K₁₂) ++ K₂) "Ha" : verification.represents γ ℓₓ nᵣ a e1 "Hb" : verification.represents γ ℓₓ nᵣ b e2 --------------------------------------∗ ⌜Node () op e1 e2 = map (λ _ : val, tt) (bind f (bind g (Let K₁₁ ++ (u, (op, a, b)) :: K₁₂ .in u)))⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
op: Binop
e1, e2: Expr ()
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
IHl: (K₁ : list (val * node)) (K₂ : context) (u : val), u ∉ defs K₂ → forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u e1 -∗ ⌜e1 = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
IHr: (K₁ : list (val * node)) (K₂ : context) (u : val), u ∉ defs K₂ → forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u e2 -∗ ⌜e2 = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
K₂: context
u: val
Hnot_in: u ∉ defs K₂
a, b: val
K₁₁, K₁₂: list (val * (Binop * val * val))
Hin: (u, (op, a, b)) ∈ K₁₁ ++ (u, (op, a, b)) :: K₁₂
Hnot_in': (u, (op, a, b)) ∉ K₁₂
HNoDup: NoDup ((defs K₁₁ ++ u :: defs K₁₂) ++ defs K₂)

"Hinv" : forward_inv ((K₁₁ ++ (u, (op, a, b)) :: K₁₂) ++ K₂) "Ha" : verification.represents γ ℓₓ nᵣ a e1 "Hb" : verification.represents γ ℓₓ nᵣ b e2 --------------------------------------∗ ⌜Node () op e1 e2 = map (λ _ : val, tt) (bind f (bind g (Let K₁₁ ++ (u, (op, a, b)) :: K₁₂ .in u)))⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
op: Binop
e1, e2: Expr ()
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
IHl: (K₁ : list (val * node)) (K₂ : context) (u : val), u ∉ defs K₂ → forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u e1 -∗ ⌜e1 = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
IHr: (K₁ : list (val * node)) (K₂ : context) (u : val), u ∉ defs K₂ → forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u e2 -∗ ⌜e2 = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
K₂: context
u: val
Hnot_in: u ∉ defs K₂
a, b: val
K₁₁, K₁₂: list (val * (Binop * val * val))
Hin: (u, (op, a, b)) ∈ K₁₁ ++ (u, (op, a, b)) :: K₁₂
Hnot_in': (u, (op, a, b)) ∉ K₁₂
HNoDup: NoDup ((defs K₁₁ ++ u :: defs K₁₂) ++ defs K₂)
H: u ∉ defs K₁₂

"Hinv" : forward_inv ((K₁₁ ++ (u, (op, a, b)) :: K₁₂) ++ K₂) "Ha" : verification.represents γ ℓₓ nᵣ a e1 "Hb" : verification.represents γ ℓₓ nᵣ b e2 --------------------------------------∗ ⌜Node () op e1 e2 = map (λ _ : val, tt) (bind f (bind g (Let K₁₁ ++ (u, (op, a, b)) :: K₁₂ .in u)))⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
op: Binop
e1, e2: Expr ()
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
IHl: (K₁ : list (val * node)) (K₂ : context) (u : val), u ∉ defs K₂ → forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u e1 -∗ ⌜e1 = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
IHr: (K₁ : list (val * node)) (K₂ : context) (u : val), u ∉ defs K₂ → forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u e2 -∗ ⌜e2 = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
K₂: context
u: val
Hnot_in: u ∉ defs K₂
a, b: val
K₁₁, K₁₂: list (val * (Binop * val * val))
Hin: (u, (op, a, b)) ∈ K₁₁ ++ (u, (op, a, b)) :: K₁₂
Hnot_in': (u, (op, a, b)) ∉ K₁₂
HNoDup: NoDup ((defs K₁₁ ++ u :: defs K₁₂) ++ defs K₂)
H: u ∉ defs K₁₂

"Hinv" : forward_inv ((K₁₁ ++ (u, (op, a, b)) :: K₁₂) ++ K₂) "Ha" : verification.represents γ ℓₓ nᵣ a e1 "Hb" : verification.represents γ ℓₓ nᵣ b e2 --------------------------------------∗ ⌜Node () op e1 e2 = map (λ _ : val, tt) (bind f (bind g (Node val op (Let K₁₁ .in a) (Let K₁₁ .in b))))⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
op: Binop
e1, e2: Expr ()
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
IHl: (K₁ : list (val * node)) (K₂ : context) (u : val), u ∉ defs K₂ → forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u e1 -∗ ⌜e1 = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
IHr: (K₁ : list (val * node)) (K₂ : context) (u : val), u ∉ defs K₂ → forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u e2 -∗ ⌜e2 = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
K₂: context
u: val
Hnot_in: u ∉ defs K₂
a, b: val
K₁₁, K₁₂: list (val * (Binop * val * val))
Hin: (u, (op, a, b)) ∈ K₁₁ ++ (u, (op, a, b)) :: K₁₂
Hnot_in': (u, (op, a, b)) ∉ K₁₂
HNoDup: NoDup ((defs K₁₁ ++ u :: defs K₁₂) ++ defs K₂)
H: u ∉ defs K₁₂

"Hinv" : forward_inv (K₁₁ ++ ((u, (op, a, b)) :: K₁₂) ++ K₂) "Ha" : verification.represents γ ℓₓ nᵣ a e1 "Hb" : verification.represents γ ℓₓ nᵣ b e2 --------------------------------------∗ ⌜Node () op e1 e2 = map (λ _ : val, tt) (bind f (bind g (Node val op (Let K₁₁ .in a) (Let K₁₁ .in b))))⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
op: Binop
e1, e2: Expr ()
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
IHl: (K₁ : list (val * node)) (K₂ : context) (u : val), u ∉ defs K₂ → forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u e1 -∗ ⌜e1 = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
IHr: (K₁ : list (val * node)) (K₂ : context) (u : val), u ∉ defs K₂ → forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u e2 -∗ ⌜e2 = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
K₂: context
u: val
Hnot_in: u ∉ defs K₂
a, b: val
K₁₁, K₁₂: list (val * (Binop * val * val))
Hin: (u, (op, a, b)) ∈ K₁₁ ++ (u, (op, a, b)) :: K₁₂
Hnot_in': (u, (op, a, b)) ∉ K₁₂
HNoDup: NoDup ((defs K₁₁ ++ u :: defs K₁₂) ++ defs K₂)
H: u ∉ defs K₁₂

"Hinv" : forward_inv (K₁₁ ++ (u, (op, a, b)) :: K₁₂ ++ K₂) "Ha" : verification.represents γ ℓₓ nᵣ a e1 "Hb" : verification.represents γ ℓₓ nᵣ b e2 --------------------------------------∗ ⌜Node () op e1 e2 = Node () op (map (λ _ : val, tt) (bind f (bind g (Let K₁₁ .in a)))) (map (λ _ : val, tt) (bind f (bind g (Let K₁₁ .in b))))⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
op: Binop
e1, e2: Expr ()
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
IHl: (K₁ : list (val * node)) (K₂ : context) (u : val), u ∉ defs K₂ → forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u e1 -∗ ⌜e1 = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
IHr: (K₁ : list (val * node)) (K₂ : context) (u : val), u ∉ defs K₂ → forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u e2 -∗ ⌜e2 = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
K₂: context
u: val
Hnot_in: u ∉ defs K₂
a, b: val
K₁₁, K₁₂: list (val * (Binop * val * val))
Hin: (u, (op, a, b)) ∈ K₁₁ ++ (u, (op, a, b)) :: K₁₂
Hnot_in': (u, (op, a, b)) ∉ K₁₂
HNoDup: NoDup ((defs K₁₁ ++ u :: defs K₁₂) ++ defs K₂)
H: u ∉ defs K₁₂
Ha: a ∉ u :: defs (K₁₂ ++ K₂)

"Hinv" : forward_inv (K₁₁ ++ (u, (op, a, b)) :: K₁₂ ++ K₂) "Ha" : verification.represents γ ℓₓ nᵣ a e1 "Hb" : verification.represents γ ℓₓ nᵣ b e2 --------------------------------------∗ ⌜Node () op e1 e2 = Node () op (map (λ _ : val, tt) (bind f (bind g (Let K₁₁ .in a)))) (map (λ _ : val, tt) (bind f (bind g (Let K₁₁ .in b))))⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
op: Binop
e1, e2: Expr ()
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
IHl: (K₁ : list (val * node)) (K₂ : context) (u : val), u ∉ defs K₂ → forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u e1 -∗ ⌜e1 = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
IHr: (K₁ : list (val * node)) (K₂ : context) (u : val), u ∉ defs K₂ → forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u e2 -∗ ⌜e2 = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
K₂: context
u: val
Hnot_in: u ∉ defs K₂
a, b: val
K₁₁, K₁₂: list (val * (Binop * val * val))
Hin: (u, (op, a, b)) ∈ K₁₁ ++ (u, (op, a, b)) :: K₁₂
Hnot_in': (u, (op, a, b)) ∉ K₁₂
HNoDup: NoDup ((defs K₁₁ ++ u :: defs K₁₂) ++ defs K₂)
H: u ∉ defs K₁₂
Ha: a ∉ u :: defs (K₁₂ ++ K₂)
Hb: b ∉ u :: defs (K₁₂ ++ K₂)

"Hinv" : forward_inv (K₁₁ ++ (u, (op, a, b)) :: K₁₂ ++ K₂) "Ha" : verification.represents γ ℓₓ nᵣ a e1 "Hb" : verification.represents γ ℓₓ nᵣ b e2 --------------------------------------∗ ⌜Node () op e1 e2 = Node () op (map (λ _ : val, tt) (bind f (bind g (Let K₁₁ .in a)))) (map (λ _ : val, tt) (bind f (bind g (Let K₁₁ .in b))))⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
op: Binop
e2: Expr ()
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
a: val
K₁₁: list (val * (Binop * val * val))
IHl: (K₁ : list (val * node)) (K₂ : context) (u : val), u ∉ defs K₂ → forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u (map (λ _ : val, ()) (bind f (bind g (Let K₁₁ .in a)))) -∗ ⌜map (λ _ : val, tt) (bind f (bind g (Let K₁₁ .in a))) = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
IHr: (K₁ : list (val * node)) (K₂ : context) (u : val), u ∉ defs K₂ → forward_inv (K₁ ++ K₂) -∗ verification.represents γ ℓₓ nᵣ u e2 -∗ ⌜e2 = map (λ _ : val, tt) (bind f (bind g (Let K₁ .in u)))⌝
K₂: context
u: val
Hnot_in: u ∉ defs K₂
b: val
K₁₂: list (val * (Binop * val * val))
Hin: (u, (op, a, b)) ∈ K₁₁ ++ (u, (op, a, b)) :: K₁₂
Hnot_in': (u, (op, a, b)) ∉ K₁₂
HNoDup: NoDup ((defs K₁₁ ++ u :: defs K₁₂) ++ defs K₂)
H: u ∉ defs K₁₂
Ha: a ∉ u :: defs (K₁₂ ++ K₂)
Hb: b ∉ u :: defs (K₁₂ ++ K₂)

"Hinv" : forward_inv (K₁₁ ++ (u, (op, a, b)) :: K₁₂ ++ K₂) "Ha" : verification.represents γ ℓₓ nᵣ a (map (λ _ : val, ()) (bind f (bind g (Let K₁₁ .in a)))) "Hb" : verification.represents γ ℓₓ nᵣ b e2 --------------------------------------∗ ⌜Node () op (map (λ _ : val, tt) (bind f (bind g (Let K₁₁ .in a)))) e2 = Node () op (map (λ _ : val, tt) (bind f (bind g (Let K₁₁ .in a)))) (map (λ _ : val, tt) (bind f (bind g (Let K₁₁ .in b))))⌝
iDestruct (IHr K₁₁ _ b with "Hinv Hb") as %->; done. } Qed.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
u: val
e: Expr ()

let f := Leaf val .{[ InjLV (InjLV #()) := Oₑ]} in let g := Leaf val .{[ InjLV (InjRV #()) := Iₑ]} in forward_inv K -∗ verification.represents γ ℓₓ nᵣ u e -∗ ⌜e = map (λ _ : val, tt) (bind f (bind g (Let K .in u)))⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
u: val
e: Expr ()

let f := Leaf val .{[ InjLV (InjLV #()) := Oₑ]} in let g := Leaf val .{[ InjLV (InjRV #()) := Iₑ]} in forward_inv K -∗ verification.represents γ ℓₓ nᵣ u e -∗ ⌜e = map (λ _ : val, tt) (bind f (bind g (Let K .in u)))⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
u: val
e: Expr ()
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val

forward_inv K -∗ verification.represents γ ℓₓ nᵣ u e -∗ ⌜e = map (λ _ : val, tt) (bind f (bind g (Let K .in u)))⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
u: val
e: Expr ()
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val

forward_inv (K ++ []) -∗ verification.represents γ ℓₓ nᵣ u e -∗ ⌜e = map (λ _ : val, tt) (bind f (bind g (Let K .in u)))⌝
apply forward_inv_agree_aux, not_elem_of_nil. Qed.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
y: val
e: Expr ()

let ϱ := ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]} in forward_inv K -∗ verification.represents γ ℓₓ nᵣ y e -∗ ⌜(∂ e ./ ∂ tt .at (λ _ : (), r)) = (∂ Let K .in y ./ ∂ InjRV (nᵣ, #ℓₓ) .at ϱ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
y: val
e: Expr ()

let ϱ := ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]} in forward_inv K -∗ verification.represents γ ℓₓ nᵣ y e -∗ ⌜(∂ e ./ ∂ tt .at (λ _ : (), r)) = (∂ Let K .in y ./ ∂ InjRV (nᵣ, #ℓₓ) .at ϱ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
y: val
e: Expr ()
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val

let ϱ := ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]} in forward_inv K -∗ verification.represents γ ℓₓ nᵣ y e -∗ ⌜(∂ e ./ ∂ tt .at (λ _ : (), r)) = (∂ Let K .in y ./ ∂ InjRV (nᵣ, #ℓₓ) .at ϱ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
y: val
e: Expr ()
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val

let ϱ := ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]} in forward_inv K -∗ verification.represents γ ℓₓ nᵣ y e -∗ ⌜(∂ e ./ ∂ tt .at (λ _ : (), r)) = (∂ Let K .in y ./ ∂ InjRV (nᵣ, #ℓₓ) .at ϱ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
y: val
e: Expr ()
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R

forward_inv K -∗ verification.represents γ ℓₓ nᵣ y e -∗ ⌜(∂ e ./ ∂ tt .at (λ _ : (), r)) = (∂ Let K .in y ./ ∂ InjRV (nᵣ, #ℓₓ) .at ϱ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
y: val
e: Expr ()
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R

"Hinv" : forward_inv K "Hy" : verification.represents γ ℓₓ nᵣ y e --------------------------------------∗ ⌜(∂ e ./ ∂ tt .at (λ _ : (), r)) = (∂ Let K .in y ./ ∂ InjRV (nᵣ, #ℓₓ) .at ϱ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
y: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R

"Hinv" : forward_inv K "Hy" : verification.represents γ ℓₓ nᵣ y (map (λ _ : val, ()) (bind (Leaf val .{[ InjLV (InjLV #()) := Oₑ]}) (bind (Leaf val .{[ InjLV (InjRV #()) := Iₑ]}) (Let K .in y)))) --------------------------------------∗ ⌜(∂ map (λ _ : val, tt) (bind (Leaf val .{[ InjLV (InjLV #()) := Oₑ]}) (bind (Leaf val .{[ InjLV (InjRV #()) := Iₑ]}) (Let K .in y))) ./ ∂ tt .at (λ _ : (), r)) = (∂ Let K .in y ./ ∂ InjRV (nᵣ, #ℓₓ) .at ϱ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
y: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hvars: vars (Let K .in y) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}

"Hinv" : forward_inv K "Hy" : verification.represents γ ℓₓ nᵣ y (map (λ _ : val, ()) (bind (Leaf val .{[ InjLV (InjLV #()) := Oₑ]}) (bind (Leaf val .{[ InjLV (InjRV #()) := Iₑ]}) (Let K .in y)))) --------------------------------------∗ ⌜(∂ map (λ _ : val, tt) (bind (Leaf val .{[ InjLV (InjLV #()) := Oₑ]}) (bind (Leaf val .{[ InjLV (InjRV #()) := Iₑ]}) (Let K .in y))) ./ ∂ tt .at (λ _ : (), r)) = (∂ Let K .in y ./ ∂ InjRV (nᵣ, #ℓₓ) .at ϱ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
y: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hvars: vars (Let K .in y) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}

(∂ map (λ _ : val, ()) (bind (Leaf val .{[ InjLV (InjLV #()) := Oₑ]}) (bind (Leaf val .{[ InjLV (InjRV #()) := Iₑ]}) (Let K .in y))) ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in y ./ ∂ InjRV (nᵣ, #ℓₓ) .at ϱ)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
y: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hvars: vars (Let K .in y) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}

(∂ map (λ _ : val, ()) (bind f (bind g (Let K .in y))) ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in y ./ ∂ InjRV (nᵣ, #ℓₓ) .at ϱ)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
y: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hvars: vars (Let K .in y) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}

(∂ bind f (bind g (Let K .in y)) ./ ∂ InjRV (nᵣ, #ℓₓ) .at (λ _ : (), r) ∘ (λ _ : val, ())) = (∂ Let K .in y ./ ∂ InjRV (nᵣ, #ℓₓ) .at ϱ)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
y: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hvars: vars (Let K .in y) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
j : val, j ∈ vars (bind f (bind g (Let K .in y))) → () = () → InjRV (nᵣ, #ℓₓ) = j
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
y: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hvars: vars (Let K .in y) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}

(∂ bind f (bind g (Let K .in y)) ./ ∂ InjRV (nᵣ, #ℓₓ) .at (λ _ : (), r) ∘ (λ _ : val, ())) = (∂ Let K .in y ./ ∂ InjRV (nᵣ, #ℓₓ) .at ϱ)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
y: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hvars: vars (Let K .in y) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}

(∂ bind f (bind g (Let K .in y)) ./ ∂ InjRV (nᵣ, #ℓₓ) .at (λ _ : val, r)) = (∂ Let K .in y ./ ∂ InjRV (nᵣ, #ℓₓ) .at ϱ)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
y: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hvars: vars (Let K .in y) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}

(∂ bind g (Let K .in y) ./ ∂ InjRV (nᵣ, #ℓₓ) .at ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]})) = (∂ Let K .in y ./ ∂ InjRV (nᵣ, #ℓₓ) .at ϱ)
rewrite diff_bind_overwrite_leaf_id_with_one; done.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
y: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hvars: vars (Let K .in y) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}

j : val, j ∈ vars (bind f (bind g (Let K .in y))) → () = () → InjRV (nᵣ, #ℓₓ) = j
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
y: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hvars: vars (Let K .in y) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}

j : val, j ∈ vars (bind f (bind g (Let K .in y))) → () = () → InjRV (nᵣ, #ℓₓ) = j
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
y: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hvars: vars (Let K .in y) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
j: val
Hj: j ∈ vars (bind f (bind g (Let K .in y)))

InjRV (nᵣ, #ℓₓ) = j
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
y: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hvars: vars (Let K .in y) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
j: val
Hj: j ∈ vars (bind f (bind g (Let K .in y)))

vars (f (InjLV (InjLV #()))) = ∅
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
y: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hvars: vars (Let K .in y) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
j: val
Hj: j ∈ vars (bind f (bind g (Let K .in y)))
Hfi: vars (f (InjLV (InjLV #()))) = ∅
InjRV (nᵣ, #ℓₓ) = j
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
y: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hvars: vars (Let K .in y) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
j: val
Hj: j ∈ vars (bind f (bind g (Let K .in y)))

vars (f (InjLV (InjLV #()))) = ∅
by rewrite /f overwrite_eq.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
y: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hvars: vars (Let K .in y) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
j: val
Hj: j ∈ vars (bind f (bind g (Let K .in y)))
Hfi: vars (f (InjLV (InjLV #()))) = ∅

InjRV (nᵣ, #ℓₓ) = j
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
y: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hvars: vars (Let K .in y) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
j: val
Hj: j ∈ vars (bind f (bind g (Let K .in y)))
Hfi: vars (f (InjLV (InjLV #()))) = ∅

j : val, vars (f j) ⊆ {[j]}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
y: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hvars: vars (Let K .in y) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
j: val
Hj: j ∈ vars (bind f (bind g (Let K .in y)))
Hfi: vars (f (InjLV (InjLV #()))) = ∅
Hfj: j : val, vars (f j) ⊆ {[j]}
InjRV (nᵣ, #ℓₓ) = j
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
y: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hvars: vars (Let K .in y) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
j: val
Hj: j ∈ vars (bind f (bind g (Let K .in y)))
Hfi: vars (f (InjLV (InjLV #()))) = ∅

j : val, vars (f j) ⊆ {[j]}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
y: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hvars: vars (Let K .in y) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
j: val
Hj: j ∈ vars (bind f (bind g (Let K .in y)))
Hfi: vars (f (InjLV (InjLV #()))) = ∅
k: val

vars (f k) ⊆ {[k]}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
y: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hvars: vars (Let K .in y) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
j: val
Hj: j ∈ vars (bind f (bind g (Let K .in y)))
Hfi: vars (f (InjLV (InjLV #()))) = ∅

vars (f (InjLV (InjLV #()))) ⊆ {[InjLV (InjLV #())]}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
y: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hvars: vars (Let K .in y) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
j: val
Hj: j ∈ vars (bind f (bind g (Let K .in y)))
Hfi: vars (f (InjLV (InjLV #()))) = ∅
k: val
Hneq: k ≠ InjLV (InjLV #())
vars (f k) ⊆ {[k]}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
y: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hvars: vars (Let K .in y) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
j: val
Hj: j ∈ vars (bind f (bind g (Let K .in y)))
Hfi: vars (f (InjLV (InjLV #()))) = ∅

vars (f (InjLV (InjLV #()))) ⊆ {[InjLV (InjLV #())]}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
y: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hvars: vars (Let K .in y) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
j: val
Hj: j ∈ vars (bind f (bind g (Let K .in y)))
Hfi: vars (f (InjLV (InjLV #()))) = ∅

vars ((Leaf val .{[ InjLV (InjLV #()) := Oₑ]}) (InjLV (InjLV #()))) ⊆ {[InjLV (InjLV #())]}
by rewrite overwrite_eq.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
y: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hvars: vars (Let K .in y) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
j: val
Hj: j ∈ vars (bind f (bind g (Let K .in y)))
Hfi: vars (f (InjLV (InjLV #()))) = ∅
k: val
Hneq: k ≠ InjLV (InjLV #())

vars (f k) ⊆ {[k]}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
y: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hvars: vars (Let K .in y) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
j: val
Hj: j ∈ vars (bind f (bind g (Let K .in y)))
Hfi: vars (f (InjLV (InjLV #()))) = ∅
k: val
Hneq: k ≠ InjLV (InjLV #())

vars ((Leaf val .{[ InjLV (InjLV #()) := Oₑ]}) k) ⊆ {[k]}
by rewrite overwrite_neq.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
y: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hvars: vars (Let K .in y) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
j: val
Hj: j ∈ vars (bind f (bind g (Let K .in y)))
Hfi: vars (f (InjLV (InjLV #()))) = ∅
Hfj: j : val, vars (f j) ⊆ {[j]}

InjRV (nᵣ, #ℓₓ) = j
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
y: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hvars: vars (Let K .in y) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
j: val
Hj: j ∈ vars (bind f (bind g (Let K .in y)))
Hfi: vars (f (InjLV (InjLV #()))) = ∅
Hfj: j : val, vars (f j) ⊆ {[j]}

vars (g (InjLV (InjRV #()))) = ∅
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
y: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hvars: vars (Let K .in y) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
j: val
Hj: j ∈ vars (bind f (bind g (Let K .in y)))
Hfi: vars (f (InjLV (InjLV #()))) = ∅
Hfj: j : val, vars (f j) ⊆ {[j]}
Hgi: vars (g (InjLV (InjRV #()))) = ∅
InjRV (nᵣ, #ℓₓ) = j
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
y: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hvars: vars (Let K .in y) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
j: val
Hj: j ∈ vars (bind f (bind g (Let K .in y)))
Hfi: vars (f (InjLV (InjLV #()))) = ∅
Hfj: j : val, vars (f j) ⊆ {[j]}

vars (g (InjLV (InjRV #()))) = ∅
by rewrite /g overwrite_eq.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
y: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hvars: vars (Let K .in y) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
j: val
Hj: j ∈ vars (bind f (bind g (Let K .in y)))
Hfi: vars (f (InjLV (InjLV #()))) = ∅
Hfj: j : val, vars (f j) ⊆ {[j]}
Hgi: vars (g (InjLV (InjRV #()))) = ∅

InjRV (nᵣ, #ℓₓ) = j
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
y: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hvars: vars (Let K .in y) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
j: val
Hj: j ∈ vars (bind f (bind g (Let K .in y)))
Hfi: vars (f (InjLV (InjLV #()))) = ∅
Hfj: j : val, vars (f j) ⊆ {[j]}
Hgi: vars (g (InjLV (InjRV #()))) = ∅

j : val, vars (g j) ⊆ {[j]}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
y: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hvars: vars (Let K .in y) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
j: val
Hj: j ∈ vars (bind f (bind g (Let K .in y)))
Hfi: vars (f (InjLV (InjLV #()))) = ∅
Hfj: j : val, vars (f j) ⊆ {[j]}
Hgi: vars (g (InjLV (InjRV #()))) = ∅
Hgj: j : val, vars (g j) ⊆ {[j]}
InjRV (nᵣ, #ℓₓ) = j
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
y: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hvars: vars (Let K .in y) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
j: val
Hj: j ∈ vars (bind f (bind g (Let K .in y)))
Hfi: vars (f (InjLV (InjLV #()))) = ∅
Hfj: j : val, vars (f j) ⊆ {[j]}
Hgi: vars (g (InjLV (InjRV #()))) = ∅

j : val, vars (g j) ⊆ {[j]}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
y: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hvars: vars (Let K .in y) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
j: val
Hj: j ∈ vars (bind f (bind g (Let K .in y)))
Hfi: vars (f (InjLV (InjLV #()))) = ∅
Hfj: j : val, vars (f j) ⊆ {[j]}
Hgi: vars (g (InjLV (InjRV #()))) = ∅
k: val

vars (g k) ⊆ {[k]}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
y: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hvars: vars (Let K .in y) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
j: val
Hj: j ∈ vars (bind f (bind g (Let K .in y)))
Hfi: vars (f (InjLV (InjLV #()))) = ∅
Hfj: j : val, vars (f j) ⊆ {[j]}
Hgi: vars (g (InjLV (InjRV #()))) = ∅

vars (g (InjLV (InjRV #()))) ⊆ {[InjLV (InjRV #())]}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
y: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hvars: vars (Let K .in y) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
j: val
Hj: j ∈ vars (bind f (bind g (Let K .in y)))
Hfi: vars (f (InjLV (InjLV #()))) = ∅
Hfj: j : val, vars (f j) ⊆ {[j]}
Hgi: vars (g (InjLV (InjRV #()))) = ∅
k: val
Hneq: k ≠ InjLV (InjRV #())
vars (g k) ⊆ {[k]}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
y: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hvars: vars (Let K .in y) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
j: val
Hj: j ∈ vars (bind f (bind g (Let K .in y)))
Hfi: vars (f (InjLV (InjLV #()))) = ∅
Hfj: j : val, vars (f j) ⊆ {[j]}
Hgi: vars (g (InjLV (InjRV #()))) = ∅

vars (g (InjLV (InjRV #()))) ⊆ {[InjLV (InjRV #())]}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
y: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hvars: vars (Let K .in y) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
j: val
Hj: j ∈ vars (bind f (bind g (Let K .in y)))
Hfi: vars (f (InjLV (InjLV #()))) = ∅
Hfj: j : val, vars (f j) ⊆ {[j]}
Hgi: vars (g (InjLV (InjRV #()))) = ∅

vars ((Leaf val .{[ InjLV (InjRV #()) := Iₑ]}) (InjLV (InjRV #()))) ⊆ {[InjLV (InjRV #())]}
by rewrite overwrite_eq.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
y: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hvars: vars (Let K .in y) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
j: val
Hj: j ∈ vars (bind f (bind g (Let K .in y)))
Hfi: vars (f (InjLV (InjLV #()))) = ∅
Hfj: j : val, vars (f j) ⊆ {[j]}
Hgi: vars (g (InjLV (InjRV #()))) = ∅
k: val
Hneq: k ≠ InjLV (InjRV #())

vars (g k) ⊆ {[k]}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
y: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hvars: vars (Let K .in y) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
j: val
Hj: j ∈ vars (bind f (bind g (Let K .in y)))
Hfi: vars (f (InjLV (InjLV #()))) = ∅
Hfj: j : val, vars (f j) ⊆ {[j]}
Hgi: vars (g (InjLV (InjRV #()))) = ∅
k: val
Hneq: k ≠ InjLV (InjRV #())

vars ((Leaf val .{[ InjLV (InjRV #()) := Iₑ]}) k) ⊆ {[k]}
by rewrite overwrite_neq.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
y: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hvars: vars (Let K .in y) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
j: val
Hj: j ∈ vars (bind f (bind g (Let K .in y)))
Hfi: vars (f (InjLV (InjLV #()))) = ∅
Hfj: j : val, vars (f j) ⊆ {[j]}
Hgi: vars (g (InjLV (InjRV #()))) = ∅
Hgj: j : val, vars (g j) ⊆ {[j]}

InjRV (nᵣ, #ℓₓ) = j
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
y: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hvars: vars (Let K .in y) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
j: val
Hj: j ∈ vars (bind f (bind g (Let K .in y)))
Hfi: vars (f (InjLV (InjLV #()))) = ∅
Hfj: j : val, vars (f j) ⊆ {[j]}
Hgi: vars (g (InjLV (InjRV #()))) = ∅
Hgj: j : val, vars (g j) ⊆ {[j]}
Hf: j ∈ vars (bind g (Let K .in y)) ∖ {[InjLV (InjLV #())]}

InjRV (nᵣ, #ℓₓ) = j
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
y: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hvars: vars (Let K .in y) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
j: val
Hj: j ∈ vars (bind f (bind g (Let K .in y)))
Hfi: vars (f (InjLV (InjLV #()))) = ∅
Hfj: j : val, vars (f j) ⊆ {[j]}
Hgi: vars (g (InjLV (InjRV #()))) = ∅
Hgj: j : val, vars (g j) ⊆ {[j]}
Hf: j ∈ vars (bind g (Let K .in y)) ∖ {[InjLV (InjLV #())]}
Hg: vars (bind g (Let K .in y)) ⊆ vars (Let K .in y) ∖ {[InjLV (InjRV #())]}

InjRV (nᵣ, #ℓₓ) = j
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
y: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hvars: vars (Let K .in y) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
j: val
Hj: j ∈ vars (bind f (bind g (Let K .in y)))
Hfi: vars (f (InjLV (InjLV #()))) = ∅
Hfj: j : val, vars (f j) ⊆ {[j]}
Hgi: vars (g (InjLV (InjRV #()))) = ∅
Hgj: j : val, vars (g j) ⊆ {[j]}
Hf: j ∈ vars (bind g (Let K .in y)) ∖ {[InjLV (InjLV #())]}
Hg: vars (bind g (Let K .in y)) ⊆ vars (Let K .in y) ∖ {[InjLV (InjRV #())]}

j ∈ ({[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]} ∖ {[InjLV (InjRV #())]} ∖ {[InjLV (InjLV #())]} : gset val) → InjRV (nᵣ, #ℓₓ) = j
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
y: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hvars: vars (Let K .in y) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
j: val
Hj: j ∈ vars (bind f (bind g (Let K .in y)))
Hfi: vars (f (InjLV (InjLV #()))) = ∅
Hfj: j : val, vars (f j) ⊆ {[j]}
Hgi: vars (g (InjLV (InjRV #()))) = ∅
Hgj: j : val, vars (g j) ⊆ {[j]}
Hf: j ∈ vars (bind g (Let K .in y)) ∖ {[InjLV (InjLV #())]}
Hg: vars (bind g (Let K .in y)) ⊆ vars (Let K .in y) ∖ {[InjLV (InjRV #())]}
j ∈ ({[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]} ∖ {[InjLV (InjRV #())]} ∖ {[ InjLV (InjLV #())]} : gset val)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
y: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hvars: vars (Let K .in y) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
j: val
Hj: j ∈ vars (bind f (bind g (Let K .in y)))
Hfi: vars (f (InjLV (InjLV #()))) = ∅
Hfj: j : val, vars (f j) ⊆ {[j]}
Hgi: vars (g (InjLV (InjRV #()))) = ∅
Hgj: j : val, vars (g j) ⊆ {[j]}
Hf: j ∈ vars (bind g (Let K .in y)) ∖ {[InjLV (InjLV #())]}
Hg: vars (bind g (Let K .in y)) ⊆ vars (Let K .in y) ∖ {[InjLV (InjRV #())]}

j ∈ ({[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]} ∖ {[InjLV (InjRV #())]} ∖ {[InjLV (InjLV #())]} : gset val)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
y: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hvars: vars (Let K .in y) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
j: val
Hj: j ∈ vars (bind f (bind g (Let K .in y)))
Hfi: vars (f (InjLV (InjLV #()))) = ∅
Hfj: j : val, vars (f j) ⊆ {[j]}
Hgi: vars (g (InjLV (InjRV #()))) = ∅
Hgj: j : val, vars (g j) ⊆ {[j]}
Hf: j ∈ vars (bind g (Let K .in y)) ∖ {[InjLV (InjLV #())]}
Hg: vars (bind g (Let K .in y)) ⊆ vars (Let K .in y) ∖ {[InjLV (InjRV #())]}

j ∈ vars (Let K .in y) ∖ {[InjLV (InjRV #())]} ∖ {[InjLV (InjLV #())]} → j ∈ ({[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]} ∖ {[InjLV (InjRV #())]} ∖ {[InjLV (InjLV #())]} : gset val)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
y: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hvars: vars (Let K .in y) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
j: val
Hj: j ∈ vars (bind f (bind g (Let K .in y)))
Hfi: vars (f (InjLV (InjLV #()))) = ∅
Hfj: j : val, vars (f j) ⊆ {[j]}
Hgi: vars (g (InjLV (InjRV #()))) = ∅
Hgj: j : val, vars (g j) ⊆ {[j]}
Hf: j ∈ vars (bind g (Let K .in y)) ∖ {[InjLV (InjLV #())]}
Hg: vars (bind g (Let K .in y)) ⊆ vars (Let K .in y) ∖ {[InjLV (InjRV #())]}
j ∈ vars (Let K .in y) ∖ {[InjLV (InjRV #())]} ∖ {[InjLV (InjLV #())]}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
y: val
f:= Leaf val .{[ InjLV (InjLV #()) := Oₑ]}: val → Expr val
g:= Leaf val .{[ InjLV (InjRV #()) := Iₑ]}: val → Expr val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hvars: vars (Let K .in y) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
j: val
Hj: j ∈ vars (bind f (bind g (Let K .in y)))
Hfi: vars (f (InjLV (InjLV #()))) = ∅
Hfj: j : val, vars (f j) ⊆ {[j]}
Hgi: vars (g (InjLV (InjRV #()))) = ∅
Hgj: j : val, vars (g j) ⊆ {[j]}
Hf: j ∈ vars (bind g (Let K .in y)) ∖ {[InjLV (InjLV #())]}
Hg: vars (bind g (Let K .in y)) ⊆ vars (Let K .in y) ∖ {[InjLV (InjRV #())]}

j ∈ vars (Let K .in y) ∖ {[InjLV (InjRV #())]} ∖ {[InjLV (InjLV #())]}
cut (j ∈ (vars (bind g (Let K .in y)) ∖ {[a₀]})); set_solver. } Qed.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
: loc
d: val

ℓ ↦ d -∗ forward_inv K -∗ ⌜ v : val, InjRV (v, #ℓ) ∉ defs K ++ [InjRV (nᵣ, #ℓₓ)]⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
: loc
d: val

ℓ ↦ d -∗ forward_inv K -∗ ⌜ v : val, InjRV (v, #ℓ) ∉ defs K ++ [InjRV (nᵣ, #ℓₓ)]⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
: loc
d, v: val

"Hu" : ℓ ↦ d "Hheap" : [∗ list] u ∈ (defs K ++ [InjRV (nᵣ, #ℓₓ)]), (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝ --------------------------------------∗ ⌜InjRV (v, #ℓ) ∉ defs K ++ [InjRV (nᵣ, #ℓₓ)]⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
: loc
d, v: val

"Hu" : ℓ ↦ d "Hheap" : [∗ list] u ∈ [], (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝ --------------------------------------∗ ⌜InjRV (v, #ℓ) ∉ []⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
: loc
d, v, u: val
us: list val
"IH" : ℓ ↦ d -∗ ([∗ list] u ∈ us, (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝) -∗ ⌜InjRV (v, #ℓ) ∉ us⌝ --------------------------------------□ "Hu" : ℓ ↦ d "Hheap" : [∗ list] u ∈ (u :: us), (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜ u = InjRV (v, #ℓ)⌝ --------------------------------------∗ ⌜InjRV (v, #ℓ) ∉ u :: us⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
: loc
d, v: val

"Hu" : ℓ ↦ d "Hheap" : [∗ list] u ∈ [], (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝ --------------------------------------∗ ⌜InjRV (v, #ℓ) ∉ []⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
: loc
d, v: val

InjRV (v, #ℓ) ∉ []
by apply not_elem_of_nil.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
: loc
d, v, u: val
us: list val

"IH" : ℓ ↦ d -∗ ([∗ list] u ∈ us, (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝) -∗ ⌜InjRV (v, #ℓ) ∉ us⌝ --------------------------------------□ "Hu" : ℓ ↦ d "Hheap" : [∗ list] u ∈ (u :: us), (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝ --------------------------------------∗ ⌜InjRV (v, #ℓ) ∉ u :: us⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
: loc
d, v, u: val
us: list val

"IH" : ℓ ↦ d -∗ ([∗ list] u ∈ us, (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝) -∗ ⌜InjRV (v, #ℓ) ∉ us⌝ --------------------------------------□ "Hu" : ℓ ↦ d "Hheap" : [∗ list] u ∈ (u :: us), (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝ --------------------------------------∗ ⌜InjRV (v, #ℓ) ∉ u :: us⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
: loc
d, v, u: val
us: list val

"IH" : ℓ ↦ d -∗ ([∗ list] u ∈ us, (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝) -∗ ⌜InjRV (v, #ℓ) ∉ us⌝ --------------------------------------□ "Hu" : ℓ ↦ d "Hheap" : [∗ list] u ∈ (u :: us), (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝ --------------------------------------∗ ⌜InjRV (v, #ℓ) ≠ u ∧ InjRV (v, #ℓ) ∉ us⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
: loc
d, v, u: val
us: list val

"IH" : ℓ ↦ d -∗ ([∗ list] u ∈ us, (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝) -∗ ⌜InjRV (v, #ℓ) ∉ us⌝ --------------------------------------□ "Hu" : ℓ ↦ d "Hheap" : ( (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝) ∗ ([∗ list] u ∈ us, (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝) --------------------------------------∗ ⌜InjRV (v, #ℓ) ≠ u ∧ InjRV (v, #ℓ) ∉ us⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
: loc
d, v, u: val
us: list val

"IH" : ℓ ↦ d -∗ ([∗ list] u ∈ us, (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝) -∗ ⌜InjRV (v, #ℓ) ∉ us⌝ --------------------------------------□ "Hu" : ℓ ↦ d "Hy" : (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝ "Hheap" : [∗ list] u ∈ us, (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝ --------------------------------------∗ ⌜InjRV (v, #ℓ) ≠ u ∧ InjRV (v, #ℓ) ∉ us⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
: loc
d, v: val
us: list val
v': val
ℓ': loc

"IH" : ℓ ↦ d -∗ ([∗ list] u ∈ us, (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝) -∗ ⌜InjRV (v, #ℓ) ∉ us⌝ --------------------------------------□ "Hu" : ℓ ↦ d "Hy" : ℓ' ↦ nzero "Hheap" : [∗ list] u ∈ us, (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝ --------------------------------------∗ ⌜InjRV (v, #ℓ) ≠ InjRV (v', #ℓ') ∧ InjRV (v, #ℓ) ∉ us⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
: loc
d, v: val
us: list val
v': val
ℓ': loc

"IH" : ℓ ↦ d -∗ ([∗ list] u ∈ us, (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝) -∗ ⌜InjRV (v, #ℓ) ∉ us⌝ --------------------------------------□ "Hu" : ℓ ↦ d "Hy" : ℓ' ↦ nzero "Hheap" : [∗ list] u ∈ us, (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝ --------------------------------------∗ ⌜InjRV (v, #ℓ) ≠ InjRV (v', #ℓ')⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
: loc
d, v: val
us: list val
v': val
ℓ': loc
"IH" : ℓ ↦ d -∗ ([∗ list] u ∈ us, (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝) -∗ ⌜InjRV (v, #ℓ) ∉ us⌝ --------------------------------------□ "Hu" : ℓ ↦ d "Hy" : ℓ' ↦ nzero "Hheap" : [∗ list] u ∈ us, (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝ --------------------------------------∗ ⌜InjRV (v, #ℓ) ∉ us⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
: loc
d, v: val
us: list val
v': val
ℓ': loc

"IH" : ℓ ↦ d -∗ ([∗ list] u ∈ us, (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝) -∗ ⌜InjRV (v, #ℓ) ∉ us⌝ --------------------------------------□ "Hu" : ℓ ↦ d "Hy" : ℓ' ↦ nzero "Hheap" : [∗ list] u ∈ us, (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝ --------------------------------------∗ ⌜InjRV (v, #ℓ) ≠ InjRV (v', #ℓ')⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
: loc
d, v: val
us: list val
v': val
ℓ': loc
H: ℓ ≠ ℓ'

"IH" : ℓ ↦ d -∗ ([∗ list] u ∈ us, (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝) -∗ ⌜InjRV (v, #ℓ) ∉ us⌝ --------------------------------------□ "Hu" : ℓ ↦ d "Hy" : ℓ' ↦ nzero "Hheap" : [∗ list] u ∈ us, (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝ --------------------------------------∗ ⌜InjRV (v, #ℓ) ≠ InjRV (v', #ℓ')⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
: loc
d, v: val
us: list val
v': val
ℓ': loc
H: ℓ ≠ ℓ'

InjRV (v, #ℓ) ≠ InjRV (v', #ℓ')
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
: loc
d, v: val
us: list val
v': val
ℓ': loc
H: ℓ ≠ ℓ'
H0: InjRV (v, #ℓ) = InjRV (v', #ℓ')
H2: v = v'
H3: ℓ = ℓ'

False
contradiction.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
: loc
d, v: val
us: list val
v': val
ℓ': loc

"IH" : ℓ ↦ d -∗ ([∗ list] u ∈ us, (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝) -∗ ⌜InjRV (v, #ℓ) ∉ us⌝ --------------------------------------□ "Hu" : ℓ ↦ d "Hy" : ℓ' ↦ nzero "Hheap" : [∗ list] u ∈ us, (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝ --------------------------------------∗ ⌜InjRV (v, #ℓ) ∉ us⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
: loc
d, v: val
us: list val
v': val
ℓ': loc

"IH" : ℓ ↦ d -∗ ([∗ list] u ∈ us, (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝) -∗ ⌜InjRV (v, #ℓ) ∉ us⌝ --------------------------------------□ "Hu" : ℓ ↦ d "Hy" : ℓ' ↦ nzero "Hheap" : [∗ list] u ∈ us, (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝ --------------------------------------∗ ⌜InjRV (v, #ℓ) ∉ us⌝
by iApply ("IH" with "Hu Hheap"). } } Qed.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
: loc
d: val

ℓ ↦ d -∗ forward_inv K -∗ ⌜ v : val, context_to_map K !! InjRV (v, #ℓ) = None⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
: loc
d: val

ℓ ↦ d -∗ forward_inv K -∗ ⌜ v : val, context_to_map K !! InjRV (v, #ℓ) = None⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
: loc
d, v: val

"Hx" : ℓ ↦ d "Hinv" : forward_inv K --------------------------------------∗ ⌜context_to_map K !! InjRV (v, #ℓ) = None⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
: loc
d, v: val
Hnot_in: v : val, InjRV (v, #ℓ) ∉ defs K ++ [InjRV (nᵣ, #ℓₓ)]

"Hx" : ℓ ↦ d "Hinv" : forward_inv K --------------------------------------∗ ⌜context_to_map K !! InjRV (v, #ℓ) = None⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
: loc
d, v: val
Hnot_in: v : val, InjRV (v, #ℓ) ∉ defs K ++ [InjRV (nᵣ, #ℓₓ)]

context_to_map K !! InjRV (v, #ℓ) = None
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: context
: loc
d, v: val
Hnot_in: v : val, InjRV (v, #ℓ) ∉ defs K ++ [InjRV (nᵣ, #ℓₓ)]

InjRV (v, #ℓ) ∉ (reverse K).*1
set_solver. Qed.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: list (val * (Binop * val * val))
x: val
op: Binop
a, b, v: val
: loc
el, er: Expr ()

let ϱ := ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]} in let K' := K ++ [(x, (op, a, b))] in x = InjRV (v, #ℓ) → forward_inv K -∗ verification.represents γ ℓₓ nᵣ a el -∗ verification.represents γ ℓₓ nᵣ b er -∗ implements v ((ϱ .{[ K']}) x) -∗ ℓ ↦ nzero ==∗ forward_inv K' ∗ verification.represents γ ℓₓ nᵣ x (Node () op el er)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: list (val * (Binop * val * val))
x: val
op: Binop
a, b, v: val
: loc
el, er: Expr ()

let ϱ := ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]} in let K' := K ++ [(x, (op, a, b))] in x = InjRV (v, #ℓ) → forward_inv K -∗ verification.represents γ ℓₓ nᵣ a el -∗ verification.represents γ ℓₓ nᵣ b er -∗ implements v ((ϱ .{[ K']}) x) -∗ ℓ ↦ nzero ==∗ forward_inv K' ∗ verification.represents γ ℓₓ nᵣ x (Node () op el er)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: list (val * (Binop * val * val))
x: val
op: Binop
a, b, v: val
: loc
el, er: Expr ()
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
K':= K ++ [(x, (op, a, b))]: list (val * (Binop * val * val))

x = InjRV (v, #ℓ) → forward_inv K -∗ verification.represents γ ℓₓ nᵣ a el -∗ verification.represents γ ℓₓ nᵣ b er -∗ implements v ((ϱ .{[ K']}) x) -∗ ℓ ↦ nzero ==∗ forward_inv K' ∗ verification.represents γ ℓₓ nᵣ x (Node () op el er)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: list (val * (Binop * val * val))
op: Binop
a, b, v: val
: loc
el, er: Expr ()
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
K':= K ++ [(InjRV (v, #ℓ), (op, a, b))]: list (val * (Binop * val * val))

"Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er --------------------------------------□ "Hinv" : forward_inv K "Hv" : implements v ((ϱ .{[ K']}) (InjRV (v, #ℓ))) "Hx" : ℓ ↦ nzero --------------------------------------∗ |==> forward_inv K' ∗ verification.represents γ ℓₓ nᵣ (InjRV (v, #ℓ)) (Node () op el er)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: list (val * (Binop * val * val))
op: Binop
a, b, v: val
: loc
el, er: Expr ()
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
K':= K ++ [(InjRV (v, #ℓ), (op, a, b))]: list (val * (Binop * val * val))

"Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er --------------------------------------□ "Hinv" : forward_inv K "Hv" : implements v ((ϱ .{[ K']}) (InjRV (v, #ℓ))) "Hx" : ℓ ↦ nzero --------------------------------------∗ |==> forward_inv K' ∗ verification.represents γ ℓₓ nᵣ (InjRV (v, #ℓ)) (Node () op el er)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: list (val * (Binop * val * val))
op: Binop
a, b, v: val
: loc
el, er: Expr ()
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
K':= K ++ [(InjRV (v, #ℓ), (op, a, b))]: list (val * (Binop * val * val))
Hnot_in: v : val, InjRV (v, #ℓ) ∉ defs K ++ [InjRV (nᵣ, #ℓₓ)]

"Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er --------------------------------------□ "Hinv" : forward_inv K "Hv" : implements v ((ϱ .{[ K']}) (InjRV (v, #ℓ))) "Hx" : ℓ ↦ nzero --------------------------------------∗ |==> forward_inv K' ∗ verification.represents γ ℓₓ nᵣ (InjRV (v, #ℓ)) (Node () op el er)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: list (val * (Binop * val * val))
op: Binop
a, b, v: val
: loc
el, er: Expr ()
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
K':= K ++ [(InjRV (v, #ℓ), (op, a, b))]: list (val * (Binop * val * val))
Hnot_in: v : val, InjRV (v, #ℓ) ∉ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hlkp: v : val, context_to_map K !! InjRV (v, #ℓ) = None

"Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er --------------------------------------□ "Hinv" : forward_inv K "Hv" : implements v ((ϱ .{[ K']}) (InjRV (v, #ℓ))) "Hx" : ℓ ↦ nzero --------------------------------------∗ |==> forward_inv K' ∗ verification.represents γ ℓₓ nᵣ (InjRV (v, #ℓ)) (Node () op el er)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: list (val * (Binop * val * val))
op: Binop
a, b, v: val
: loc
el, er: Expr ()
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
K':= K ++ [(InjRV (v, #ℓ), (op, a, b))]: list (val * (Binop * val * val))
Hnot_in: v : val, InjRV (v, #ℓ) ∉ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hlkp: v : val, context_to_map K !! InjRV (v, #ℓ) = None
Hvars_a: vars (Let K .in a) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}

"Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er --------------------------------------□ "Hinv" : forward_inv K "Hv" : implements v ((ϱ .{[ K']}) (InjRV (v, #ℓ))) "Hx" : ℓ ↦ nzero --------------------------------------∗ |==> forward_inv K' ∗ verification.represents γ ℓₓ nᵣ (InjRV (v, #ℓ)) (Node () op el er)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: list (val * (Binop * val * val))
op: Binop
a, b, v: val
: loc
el, er: Expr ()
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
K':= K ++ [(InjRV (v, #ℓ), (op, a, b))]: list (val * (Binop * val * val))
Hnot_in: v : val, InjRV (v, #ℓ) ∉ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hlkp: v : val, context_to_map K !! InjRV (v, #ℓ) = None
Hvars_a: vars (Let K .in a) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Hvars_b: vars (Let K .in b) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}

"Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er --------------------------------------□ "Hinv" : forward_inv K "Hv" : implements v ((ϱ .{[ K']}) (InjRV (v, #ℓ))) "Hx" : ℓ ↦ nzero --------------------------------------∗ |==> forward_inv K' ∗ verification.represents γ ℓₓ nᵣ (InjRV (v, #ℓ)) (Node () op el er)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: list (val * (Binop * val * val))
op: Binop
a, b, v: val
: loc
el, er: Expr ()
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
K':= K ++ [(InjRV (v, #ℓ), (op, a, b))]: list (val * (Binop * val * val))
Hnot_in: v : val, InjRV (v, #ℓ) ∉ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hlkp: v : val, context_to_map K !! InjRV (v, #ℓ) = None
Hvars_a: vars (Let K .in a) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Hvars_b: vars (Let K .in b) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
H: u : val, u ∈ defs K → vars (Let K .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}

"Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er --------------------------------------□ "HK" : is_current_context γ K "Hheap" : [∗ list] u ∈ (defs K ++ [InjRV (nᵣ, #ℓₓ)]), (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝ "Hv" : implements v ((ϱ .{[ K']}) (InjRV (v, #ℓ))) "Hx" : ℓ ↦ nzero --------------------------------------∗ |==> forward_inv K' ∗ verification.represents γ ℓₓ nᵣ (InjRV (v, #ℓ)) (Node () op el er)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: list (val * (Binop * val * val))
op: Binop
a, b, v: val
: loc
el, er: Expr ()
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
K':= K ++ [(InjRV (v, #ℓ), (op, a, b))]: list (val * (Binop * val * val))
Hnot_in: v : val, InjRV (v, #ℓ) ∉ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hlkp: v : val, context_to_map K !! InjRV (v, #ℓ) = None
Hvars_a: vars (Let K .in a) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Hvars_b: vars (Let K .in b) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Hvars: u : val, u ∈ defs K → vars (Let K .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}

"Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er --------------------------------------□ "HK" : is_current_context γ K "Hheap" : [∗ list] u ∈ (defs K ++ [InjRV (nᵣ, #ℓₓ)]), (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝ "Hv" : implements v ((ϱ .{[ K']}) (InjRV (v, #ℓ))) "Hx" : ℓ ↦ nzero --------------------------------------∗ |==> forward_inv K' ∗ verification.represents γ ℓₓ nᵣ (InjRV (v, #ℓ)) (Node () op el er)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: list (val * (Binop * val * val))
op: Binop
a, b, v: val
: loc
el, er: Expr ()
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
K':= K ++ [(InjRV (v, #ℓ), (op, a, b))]: list (val * (Binop * val * val))
Hnot_in: v : val, InjRV (v, #ℓ) ∉ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hlkp: v : val, context_to_map K !! InjRV (v, #ℓ) = None
Hvars_a: vars (Let K .in a) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Hvars_b: vars (Let K .in b) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Hvars: u : val, u ∈ defs K → vars (Let K .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}

"Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er --------------------------------------□ "Hheap" : [∗ list] u ∈ (defs K ++ [InjRV (nᵣ, #ℓₓ)]), (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝ "Hv" : implements v ((ϱ .{[ K']}) (InjRV (v, #ℓ))) "Hx" : ℓ ↦ nzero "HK'" : is_current_context γ (K ++ [(InjRV (v, #ℓ), (op, a, b))]) "Hentry" : is_entry γ (InjRV (v, #ℓ)) (op, a, b) --------------------------------------∗ |==> forward_inv K' ∗ verification.represents γ ℓₓ nᵣ (InjRV (v, #ℓ)) (Node () op el er)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: list (val * (Binop * val * val))
op: Binop
a, b, v: val
: loc
el, er: Expr ()
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
K':= K ++ [(InjRV (v, #ℓ), (op, a, b))]: list (val * (Binop * val * val))
Hnot_in: v : val, InjRV (v, #ℓ) ∉ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hlkp: v : val, context_to_map K !! InjRV (v, #ℓ) = None
Hvars_a: vars (Let K .in a) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Hvars_b: vars (Let K .in b) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Hvars: u : val, u ∈ defs K → vars (Let K .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}

"Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er --------------------------------------□ "Hheap" : [∗ list] u ∈ (defs K ++ [InjRV (nᵣ, #ℓₓ)]), (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝ "Hv" : implements v ((ϱ .{[ K']}) (InjRV (v, #ℓ))) "Hx" : ℓ ↦ nzero "HK'" : is_current_context γ (K ++ [(InjRV (v, #ℓ), (op, a, b))]) "Hentry" : is_entry γ (InjRV (v, #ℓ)) (op, a, b) --------------------------------------∗ forward_inv K' ∗ verification.represents γ ℓₓ nᵣ (InjRV (v, #ℓ)) (Node () op el er)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: list (val * (Binop * val * val))
op: Binop
a, b, v: val
: loc
el, er: Expr ()
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
K':= K ++ [(InjRV (v, #ℓ), (op, a, b))]: list (val * (Binop * val * val))
Hnot_in: v : val, InjRV (v, #ℓ) ∉ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hlkp: v : val, context_to_map K !! InjRV (v, #ℓ) = None
Hvars_a: vars (Let K .in a) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Hvars_b: vars (Let K .in b) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Hvars: u : val, u ∈ defs K → vars (Let K .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}

"Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er --------------------------------------□ "HK'" : is_current_context γ (K ++ [(InjRV (v, #ℓ), (op, a, b))]) "Hheap" : [∗ list] u ∈ (defs K ++ [InjRV (nᵣ, #ℓₓ)]), (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝ "Hx" : ℓ ↦ nzero "Hv" : implements v ((ϱ .{[ K']}) (InjRV (v, #ℓ))) --------------------------------------∗ forward_inv K'
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: list (val * (Binop * val * val))
op: Binop
a, b, v: val
: loc
el, er: Expr ()
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
K':= K ++ [(InjRV (v, #ℓ), (op, a, b))]: list (val * (Binop * val * val))
Hnot_in: v : val, InjRV (v, #ℓ) ∉ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hlkp: v : val, context_to_map K !! InjRV (v, #ℓ) = None
Hvars_a: vars (Let K .in a) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Hvars_b: vars (Let K .in b) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Hvars: u : val, u ∈ defs K → vars (Let K .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}

"Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er --------------------------------------□ "Hheap" : [∗ list] u ∈ (defs K ++ [InjRV (nᵣ, #ℓₓ)]), (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝ "Hx" : ℓ ↦ nzero "Hv" : implements v ((ϱ .{[ K']}) (InjRV (v, #ℓ))) --------------------------------------∗ ⌜ u : val, u ∈ defs K' → vars (Let K' .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}⌝ ∗ ([∗ list] u ∈ (defs K' ++ [InjRV (nᵣ, #ℓₓ)]), (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K']}) u) ∗ ℓ ↦ nzero ∗ ⌜ u = InjRV (v, #ℓ)⌝)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: list (val * (Binop * val * val))
op: Binop
a, b, v: val
: loc
el, er: Expr ()
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
K':= K ++ [(InjRV (v, #ℓ), (op, a, b))]: list (val * (Binop * val * val))
Hnot_in: v : val, InjRV (v, #ℓ) ∉ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hlkp: v : val, context_to_map K !! InjRV (v, #ℓ) = None
Hvars_a: vars (Let K .in a) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Hvars_b: vars (Let K .in b) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Hvars: u : val, u ∈ defs K → vars (Let K .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}

"Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er --------------------------------------□ "Hheap" : [∗ list] u ∈ (defs K ++ [InjRV (nᵣ, #ℓₓ)]), (v : val) ( : loc), implements v ((ϱ .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝ "Hx" : ℓ ↦ nzero "Hv" : implements v ((ϱ .{[ K']}) (InjRV (v, #ℓ))) --------------------------------------∗ ⌜ u : val, u ∈ defs K' → vars (Let K' .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}⌝ ∗ ([∗ list] u ∈ (defs K' ++ [InjRV (nᵣ, #ℓₓ)]), (v : val) ( : loc), implements v ((ϱ .{[ K']}) u) ∗ ℓ ↦ nzero ∗ ⌜ u = InjRV (v, #ℓ)⌝)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: list (val * (Binop * val * val))
op: Binop
a, b, v: val
: loc
el, er: Expr ()
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
K':= K ++ [(InjRV (v, #ℓ), (op, a, b))]: list (val * (Binop * val * val))
Hnot_in: v : val, InjRV (v, #ℓ) ∉ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hlkp: v : val, context_to_map K !! InjRV (v, #ℓ) = None
Hvars_a: vars (Let K .in a) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Hvars_b: vars (Let K .in b) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Hvars: u : val, u ∈ defs K → vars (Let K .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}

u : val, u ∈ defs K' → vars (Let K' .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: list (val * (Binop * val * val))
op: Binop
a, b, v: val
: loc
el, er: Expr ()
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
K':= K ++ [(InjRV (v, #ℓ), (op, a, b))]: list (val * (Binop * val * val))
Hnot_in: v : val, InjRV (v, #ℓ) ∉ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hlkp: v : val, context_to_map K !! InjRV (v, #ℓ) = None
Hvars_a: vars (Let K .in a) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Hvars_b: vars (Let K .in b) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Hvars: u : val, u ∈ defs K → vars (Let K .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
"Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er --------------------------------------□ "Hheap" : [∗ list] u ∈ (defs K ++ [InjRV (nᵣ, #ℓₓ)]), (v : val) ( : loc), implements v ((ϱ .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝ "Hx" : ℓ ↦ nzero "Hv" : implements v ((ϱ .{[ K']}) (InjRV (v, #ℓ))) --------------------------------------∗ [∗ list] u ∈ (defs K' ++ [InjRV (nᵣ, #ℓₓ)]), (v : val) ( : loc), implements v ((ϱ .{[ K']}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: list (val * (Binop * val * val))
op: Binop
a, b, v: val
: loc
el, er: Expr ()
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
K':= K ++ [(InjRV (v, #ℓ), (op, a, b))]: list (val * (Binop * val * val))
Hnot_in: v : val, InjRV (v, #ℓ) ∉ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hlkp: v : val, context_to_map K !! InjRV (v, #ℓ) = None
Hvars_a: vars (Let K .in a) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Hvars_b: vars (Let K .in b) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Hvars: u : val, u ∈ defs K → vars (Let K .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}

u : val, u ∈ defs K' → vars (Let K' .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: list (val * (Binop * val * val))
op: Binop
a, b, v: val
: loc
el, er: Expr ()
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
K':= K ++ [(InjRV (v, #ℓ), (op, a, b))]: list (val * (Binop * val * val))
Hnot_in: v : val, InjRV (v, #ℓ) ∉ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hlkp: v : val, context_to_map K !! InjRV (v, #ℓ) = None
Hvars_a: vars (Let K .in a) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Hvars_b: vars (Let K .in b) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Hvars: u : val, u ∈ defs K → vars (Let K .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
u: val

u ∈ defs K' → vars (Let K' .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: list (val * (Binop * val * val))
op: Binop
a, b, v: val
: loc
el, er: Expr ()
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
K':= K ++ [(InjRV (v, #ℓ), (op, a, b))]: list (val * (Binop * val * val))
Hnot_in: v : val, InjRV (v, #ℓ) ∉ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hlkp: v : val, context_to_map K !! InjRV (v, #ℓ) = None
Hvars_a: vars (Let K .in a) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Hvars_b: vars (Let K .in b) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Hvars: u : val, u ∈ defs K → vars (Let K .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
u: val

u ∈ defs K ∨ u = InjRV (v, #ℓ) → vars (Let K' .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: list (val * (Binop * val * val))
op: Binop
a, b, v: val
: loc
el, er: Expr ()
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
K':= K ++ [(InjRV (v, #ℓ), (op, a, b))]: list (val * (Binop * val * val))
Hnot_in: v : val, InjRV (v, #ℓ) ∉ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hlkp: v : val, context_to_map K !! InjRV (v, #ℓ) = None
Hvars_a: vars (Let K .in a) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Hvars_b: vars (Let K .in b) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Hvars: u : val, u ∈ defs K → vars (Let K .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
u: val
Hu: u ∈ defs K

vars (Let K' .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: list (val * (Binop * val * val))
op: Binop
a, b, v: val
: loc
el, er: Expr ()
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
K':= K ++ [(InjRV (v, #ℓ), (op, a, b))]: list (val * (Binop * val * val))
Hnot_in: v : val, InjRV (v, #ℓ) ∉ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hlkp: v : val, context_to_map K !! InjRV (v, #ℓ) = None
Hvars_a: vars (Let K .in a) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Hvars_b: vars (Let K .in b) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Hvars: u : val, u ∈ defs K → vars (Let K .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
u: val
Hu: u = InjRV (v, #ℓ)
vars (Let K' .in InjRV (v, #ℓ)) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: list (val * (Binop * val * val))
op: Binop
a, b, v: val
: loc
el, er: Expr ()
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
K':= K ++ [(InjRV (v, #ℓ), (op, a, b))]: list (val * (Binop * val * val))
Hnot_in: v : val, InjRV (v, #ℓ) ∉ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hlkp: v : val, context_to_map K !! InjRV (v, #ℓ) = None
Hvars_a: vars (Let K .in a) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Hvars_b: vars (Let K .in b) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Hvars: u : val, u ∈ defs K → vars (Let K .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
u: val
Hu: u ∈ defs K

vars (Let K' .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: list (val * (Binop * val * val))
op: Binop
a, b, v: val
: loc
el, er: Expr ()
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
K':= K ++ [(InjRV (v, #ℓ), (op, a, b))]: list (val * (Binop * val * val))
Hnot_in: v : val, InjRV (v, #ℓ) ∉ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hlkp: v : val, context_to_map K !! InjRV (v, #ℓ) = None
Hvars_a: vars (Let K .in a) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Hvars_b: vars (Let K .in b) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Hvars: u : val, u ∈ defs K → vars (Let K .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
u: val
Hu: u ∈ defs K

InjRV (v, #ℓ) ≠ u
set_solver.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: list (val * (Binop * val * val))
op: Binop
a, b, v: val
: loc
el, er: Expr ()
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
K':= K ++ [(InjRV (v, #ℓ), (op, a, b))]: list (val * (Binop * val * val))
Hnot_in: v : val, InjRV (v, #ℓ) ∉ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hlkp: v : val, context_to_map K !! InjRV (v, #ℓ) = None
Hvars_a: vars (Let K .in a) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Hvars_b: vars (Let K .in b) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Hvars: u : val, u ∈ defs K → vars (Let K .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
u: val
Hu: u = InjRV (v, #ℓ)

vars (Let K' .in InjRV (v, #ℓ)) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: list (val * (Binop * val * val))
op: Binop
a, b, v: val
: loc
el, er: Expr ()
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
K':= K ++ [(InjRV (v, #ℓ), (op, a, b))]: list (val * (Binop * val * val))
Hnot_in: v : val, InjRV (v, #ℓ) ∉ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hlkp: v : val, context_to_map K !! InjRV (v, #ℓ) = None
Hvars_a: vars (Let K .in a) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Hvars_b: vars (Let K .in b) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Hvars: u : val, u ∈ defs K → vars (Let K .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
u: val
Hu: u = InjRV (v, #ℓ)

vars (Let K .in a) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]} ∧ vars (Let K .in b) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
done.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: list (val * (Binop * val * val))
op: Binop
a, b, v: val
: loc
el, er: Expr ()
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
K':= K ++ [(InjRV (v, #ℓ), (op, a, b))]: list (val * (Binop * val * val))
Hnot_in: v : val, InjRV (v, #ℓ) ∉ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hlkp: v : val, context_to_map K !! InjRV (v, #ℓ) = None
Hvars_a: vars (Let K .in a) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Hvars_b: vars (Let K .in b) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Hvars: u : val, u ∈ defs K → vars (Let K .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}

"Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er --------------------------------------□ "Hheap" : [∗ list] u ∈ (defs K ++ [InjRV (nᵣ, #ℓₓ)]), (v : val) ( : loc), implements v ((ϱ .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝ "Hx" : ℓ ↦ nzero "Hv" : implements v ((ϱ .{[ K']}) (InjRV (v, #ℓ))) --------------------------------------∗ [∗ list] u ∈ (defs K' ++ [InjRV (nᵣ, #ℓₓ)]), (v : val) ( : loc), implements v ((ϱ .{[ K']}) u) ∗ ℓ ↦ nzero ∗ ⌜ u = InjRV (v, #ℓ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: list (val * (Binop * val * val))
op: Binop
a, b, v: val
: loc
el, er: Expr ()
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
K':= K ++ [(InjRV (v, #ℓ), (op, a, b))]: list (val * (Binop * val * val))
Hnot_in: v : val, InjRV (v, #ℓ) ∉ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hlkp: v : val, context_to_map K !! InjRV (v, #ℓ) = None
Hvars_a: vars (Let K .in a) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Hvars_b: vars (Let K .in b) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Hvars: u : val, u ∈ defs K → vars (Let K .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}

"Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er --------------------------------------□ "Hheap" : [∗ list] u ∈ (defs K ++ [InjRV (nᵣ, #ℓₓ)]), (v : val) ( : loc), implements v ((ϱ .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝ "Hx" : ℓ ↦ nzero "Hv" : implements v ((ϱ .{[ K']}) (InjRV (v, #ℓ))) --------------------------------------∗ [∗ list] u ∈ (defs K' ++ [InjRV (nᵣ, #ℓₓ)]), (v : val) ( : loc), implements v ((ϱ .{[ K']}) u) ∗ ℓ ↦ nzero ∗ ⌜ u = InjRV (v, #ℓ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: list (val * (Binop * val * val))
op: Binop
a, b, v: val
: loc
el, er: Expr ()
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
K':= K ++ [(InjRV (v, #ℓ), (op, a, b))]: list (val * (Binop * val * val))
Hnot_in: v : val, InjRV (v, #ℓ) ∉ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hlkp: v : val, context_to_map K !! InjRV (v, #ℓ) = None
Hvars_a: vars (Let K .in a) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Hvars_b: vars (Let K .in b) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Hvars: u : val, u ∈ defs K → vars (Let K .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}

"Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er --------------------------------------□ "Hheap" : [∗ list] u ∈ (defs K ++ [InjRV (nᵣ, #ℓₓ)]), (v : val) ( : loc), implements v ((ϱ .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝ "Hx" : ℓ ↦ nzero "Hv" : implements v ((ϱ .{[ K']}) (InjRV (v, #ℓ))) --------------------------------------∗ [∗ list] x ∈ (InjRV (v, #ℓ) :: defs K ++ [InjRV (nᵣ, #ℓₓ)]), (v : val) ( : loc), implements v ((ϱ .{[ K']}) x) ∗ ℓ ↦ nzero ∗ ⌜ x = InjRV (v, #ℓ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: list (val * (Binop * val * val))
op: Binop
a, b, v: val
: loc
el, er: Expr ()
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
K':= K ++ [(InjRV (v, #ℓ), (op, a, b))]: list (val * (Binop * val * val))
Hnot_in: v : val, InjRV (v, #ℓ) ∉ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hlkp: v : val, context_to_map K !! InjRV (v, #ℓ) = None
Hvars_a: vars (Let K .in a) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Hvars_b: vars (Let K .in b) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Hvars: u : val, u ∈ defs K → vars (Let K .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}

"Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er --------------------------------------□ "Hheap" : [∗ list] u ∈ (defs K ++ [InjRV (nᵣ, #ℓₓ)]), (v : val) ( : loc), implements v ((ϱ .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝ --------------------------------------∗ [∗ list] y ∈ (defs K ++ [InjRV (nᵣ, #ℓₓ)]), (v : val) ( : loc), implements v ((ϱ .{[ K']}) y) ∗ ℓ ↦ nzero ∗ ⌜ y = InjRV (v, #ℓ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: list (val * (Binop * val * val))
op: Binop
a, b, v: val
: loc
el, er: Expr ()
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
K':= K ++ [(InjRV (v, #ℓ), (op, a, b))]: list (val * (Binop * val * val))
Hnot_in: v : val, InjRV (v, #ℓ) ∉ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hlkp: v : val, context_to_map K !! InjRV (v, #ℓ) = None
Hvars_a: vars (Let K .in a) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Hvars_b: vars (Let K .in b) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Hvars: u : val, u ∈ defs K → vars (Let K .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}

u : val, u ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (λ u0 : val, (v : val) ( : loc), implements v ((ϱ .{[ K]}) u0) ∗ ℓ ↦ nzero ∗ ⌜u0 = InjRV (v, #ℓ)⌝) u -∗ (λ u0 : val, (v : val) ( : loc), implements v ((ϱ .{[ K']}) u0) ∗ ℓ ↦ nzero ∗ ⌜u0 = InjRV (v, #ℓ)⌝) u
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: list (val * (Binop * val * val))
op: Binop
a, b, v: val
: loc
el, er: Expr ()
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
K':= K ++ [(InjRV (v, #ℓ), (op, a, b))]: list (val * (Binop * val * val))
Hnot_in: v : val, InjRV (v, #ℓ) ∉ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hlkp: v : val, context_to_map K !! InjRV (v, #ℓ) = None
Hvars_a: vars (Let K .in a) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Hvars_b: vars (Let K .in b) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Hvars: u : val, u ∈ defs K → vars (Let K .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
u: val
H: u ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)]

(λ u : val, (v : val) ( : loc), implements v ((ϱ .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝) u -∗ (λ u : val, (v : val) ( : loc), implements v ((ϱ .{[ K']}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝) u
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
K: list (val * (Binop * val * val))
op: Binop
a, b, v: val
: loc
el, er: Expr ()
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
K':= K ++ [(InjRV (v, #ℓ), (op, a, b))]: list (val * (Binop * val * val))
Hnot_in: v : val, InjRV (v, #ℓ) ∉ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hlkp: v : val, context_to_map K !! InjRV (v, #ℓ) = None
Hvars_a: vars (Let K .in a) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Hvars_b: vars (Let K .in b) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Hvars: u : val, u ∈ defs K → vars (Let K .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
u: val
H: u ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)]

( (v : val) ( : loc), implements v ((ϱ .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝) -∗ (v0 : val) (ℓ0 : loc), implements v0 ((ϱ .{[ K ++ [(InjRV (v, #ℓ), (op, a, b))]]}) u) ∗ ℓ0 ↦ nzero ∗ ⌜u = InjRV (v0, #ℓ0)⌝
by rewrite extension_snoc //= overwrite_neq; [|set_solver]. } Qed. End forward_invariant. Section forward_invariant_alloc. Context `{!cgraphG Σ, !heapG Σ} {R : Set} {RS : RingSig R} {N : Num} {Ψ : iEff Σ} {NSpec : NumSpec N Ψ RS}. Variables (ℓₓ : loc) (r : R) (nᵣ : val).
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
ℓₓ: loc
r: R
nᵣ: val

implements nᵣ r -∗ ℓₓ ↦ nzero ==∗ γ : gname, forward_inv γ ℓₓ r nᵣ []
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
ℓₓ: loc
r: R
nᵣ: val

implements nᵣ r -∗ ℓₓ ↦ nzero ==∗ γ : gname, forward_inv γ ℓₓ r nᵣ []
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
ℓₓ: loc
r: R
nᵣ: val

"Hnᵣ" : implements nᵣ r "Hℓₓ" : ℓₓ ↦ nzero --------------------------------------∗ |==> γ : gname, forward_inv γ ℓₓ r nᵣ []
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
ℓₓ: loc
r: R
nᵣ: val
γ: gname

"Hnᵣ" : implements nᵣ r "Hℓₓ" : ℓₓ ↦ nzero "Hcontext" : is_current_context γ [] --------------------------------------∗ |==> γ : gname, forward_inv γ ℓₓ r nᵣ []
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
ℓₓ: loc
r: R
nᵣ: val
γ: gname

"Hnᵣ" : implements nᵣ r "Hℓₓ" : ℓₓ ↦ nzero "Hcontext" : is_current_context γ [] --------------------------------------∗ γ : gname, forward_inv γ ℓₓ r nᵣ []
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
ℓₓ: loc
r: R
nᵣ: val
γ: gname

"Hnᵣ" : implements nᵣ r "Hℓₓ" : ℓₓ ↦ nzero "Hcontext" : is_current_context γ [] --------------------------------------∗ forward_inv γ ℓₓ r nᵣ []
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
ℓₓ: loc
r: R
nᵣ: val
γ: gname

"Hnᵣ" : implements nᵣ r "Hℓₓ" : ℓₓ ↦ nzero --------------------------------------∗ ⌜ u : val, u ∈ defs [] → vars (Let [] .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}⌝ ∗ ([∗ list] u ∈ (defs [] ++ [InjRV (nᵣ, #ℓₓ)]), (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ []]}) u) ∗ ℓ ↦ nzero ∗ ⌜ u = InjRV (v, #ℓ)⌝)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
ℓₓ: loc
r: R
nᵣ: val
γ: gname

"Hnᵣ" : implements nᵣ r "Hℓₓ" : ℓₓ ↦ nzero --------------------------------------∗ ⌜ u : val, u ∈ defs [] → vars (Let [] .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
ℓₓ: loc
r: R
nᵣ: val
γ: gname
"Hnᵣ" : implements nᵣ r "Hℓₓ" : ℓₓ ↦ nzero --------------------------------------∗ [∗ list] u ∈ (defs [] ++ [InjRV (nᵣ, #ℓₓ)]), (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ []]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
ℓₓ: loc
r: R
nᵣ: val
γ: gname

"Hnᵣ" : implements nᵣ r "Hℓₓ" : ℓₓ ↦ nzero --------------------------------------∗ ⌜ u : val, u ∈ defs [] → vars (Let [] .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
ℓₓ: loc
r: R
nᵣ: val
γ: gname

u : val, u ∈ defs [] → vars (Let [] .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
ℓₓ: loc
r: R
nᵣ: val
γ: gname
u: val

u ∈ defs [] → vars (Let [] .in u) ⊆ {[InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)]}
by rewrite elem_of_nil.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
ℓₓ: loc
r: R
nᵣ: val
γ: gname

"Hnᵣ" : implements nᵣ r "Hℓₓ" : ℓₓ ↦ nzero --------------------------------------∗ [∗ list] u ∈ (defs [] ++ [InjRV (nᵣ, #ℓₓ)]), (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ []]}) u) ∗ ℓ ↦ nzero ∗ ⌜ u = InjRV (v, #ℓ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
ℓₓ: loc
r: R
nᵣ: val
γ: gname

"Hnᵣ" : implements nᵣ r "Hℓₓ" : ℓₓ ↦ nzero --------------------------------------∗ [∗ list] u ∈ (defs [] ++ [InjRV (nᵣ, #ℓₓ)]), (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ []]}) u) ∗ ℓ ↦ nzero ∗ ⌜ u = InjRV (v, #ℓ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
ℓₓ: loc
r: R
nᵣ: val
γ: gname

"Hnᵣ" : implements nᵣ r "Hℓₓ" : ℓₓ ↦ nzero --------------------------------------∗ ( (v : val) ( : loc), implements v ((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) (InjRV (nᵣ, #ℓₓ))) ∗ ℓ ↦ nzero ∗ ⌜InjRV (nᵣ, #ℓₓ) = InjRV (v, #ℓ)⌝) ∗ emp
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
ℓₓ: loc
r: R
nᵣ: val
γ: gname

"Hnᵣ" : implements nᵣ r "Hℓₓ" : ℓₓ ↦ nzero --------------------------------------∗ (v : val) ( : loc), implements v ((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) (InjRV (nᵣ, #ℓₓ))) ∗ ℓ ↦ nzero ∗ ⌜InjRV (nᵣ, #ℓₓ) = InjRV (v, #ℓ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
ℓₓ: loc
r: R
nᵣ: val
γ: gname

"Hnᵣ" : implements nᵣ r "Hℓₓ" : ℓₓ ↦ nzero --------------------------------------∗ implements nᵣ ((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) (InjRV (nᵣ, #ℓₓ))) ∗ ℓₓ ↦ nzero ∗ ⌜InjRV (nᵣ, #ℓₓ) = InjRV (nᵣ, #ℓₓ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
ℓₓ: loc
r: R
nᵣ: val
γ: gname

"Hnᵣ" : implements nᵣ r --------------------------------------∗ implements nᵣ ((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) (InjRV (nᵣ, #ℓₓ))) ∗ ⌜InjRV (nᵣ, #ℓₓ) = InjRV (nᵣ, #ℓₓ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
ℓₓ: loc
r: R
nᵣ: val
γ: gname

"Hnᵣ" : implements nᵣ r --------------------------------------∗ implements nᵣ (((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) (InjRV (nᵣ, #ℓₓ))) ∗ ⌜InjRV (nᵣ, #ℓₓ) = InjRV (nᵣ, #ℓₓ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
ℓₓ: loc
r: R
nᵣ: val
γ: gname

"Hnᵣ" : implements nᵣ r --------------------------------------∗ implements nᵣ r ∗ ⌜InjRV (nᵣ, #ℓₓ) = InjRV (nᵣ, #ℓₓ)⌝
by iFrame. } Qed. End forward_invariant_alloc. (** Backward invariant. *) (** After the execution of the client, the handler traverses the complete sequence of operations in reverse order. We can thus split this complete sequence into a pair of contexts, its prefix and suffix, and state what holds at each step of this phase in terms of those. *) Section backward_invariant. Context `{!cgraphG Σ, !heapG Σ} {R : Set} {RS : RingSig R} {RA : IsRing R} {N : Num} {Ψ : iEff Σ} {NSpec : NumSpec N Ψ RS}. Variables (γ : gname) (ℓₓ : loc) (r : R) (nᵣ : val) (e : Expr ()). (* The expression implemented by the client. *) Notation a₀ := (InjLV (InjLV #()))%V (only parsing). Notation a₁ := (InjLV (InjRV #()))%V (only parsing). Notation aₓ := (InjRV (nᵣ, #ℓₓ))%V (only parsing). Notation adj_vars := ([a₀; a₁; aₓ]) (only parsing). Notation represents := (represents γ ℓₓ nᵣ) (only parsing). Definition mapsto_diff (K₁ K₂ : context) (y u : val) : iProp Σ := let ϱ := (λ _, r).{[a₀ := Oᵣ]}.{[a₁ := Iᵣ]} in let ϑ := ϱ.{[K₁]} in ( v ( : loc), ⌜ u = InjRV (v, #ℓ)%V ⌝ → ( d s, implements d s ∗ ⌜ s =ᵣ ∂ (Let K₂ .in y) ./ ∂ u .at ϑ ⌝ ∗ ℓ ↦ d ) )%I. Definition backward_inv (K₁ K₂ : context) (y : val) : iProp Σ := ( let ϱ := (λ _, r).{[a₀ := Oᵣ]}.{[a₁ := Iᵣ]} in ⌜ ∂ e ./ ∂ tt .at (λ _, r) =ᵣ ∂ (Let (K₁ ++ K₂) .in y) ./ ∂ aₓ .at ϱ ⌝ ∗ ( [∗ list] u ∈ defs K₁ ++ [aₓ], v ( : loc), mapsto_diff K₁ K₂ y u ∗ ⌜ u = InjRV (v, #ℓ)%V ⌝ ) )%I. Definition is_adj_var (a : val) : iProp Σ := ⌜ ( (w : val), a = InjLV w ) ∨ ( (n : val) ( : loc), a = InjRV (n, #ℓ)%V) ⌝. Definition both_mapto_diff (K₁ K₂ : context) (y a b : val) : iProp Σ := (is_adj_var a ∗ mapsto_diff K₁ K₂ y a) ∗ (⌜ a ≠ b ⌝ -∗ (is_adj_var b ∗ mapsto_diff K₁ K₂ y b)).
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b, u, v: val
: loc

u = InjRV (v, #ℓ) → x ≠ u → a ≠ u → b ≠ u → mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y u -∗ mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y u
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b, u, v: val
: loc

u = InjRV (v, #ℓ) → x ≠ u → a ≠ u → b ≠ u → mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y u -∗ mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y u
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b, u, v: val
: loc
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R

u = InjRV (v, #ℓ) → x ≠ u → a ≠ u → b ≠ u → mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y u -∗ mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y u
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b, u, v: val
: loc
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hu: u = InjRV (v, #ℓ)
Hux: x ≠ u
Hua: a ≠ u
Hub: b ≠ u

"Hu" : mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y u --------------------------------------∗ mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y u
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b, u, v: val
: loc
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hu: u = InjRV (v, #ℓ)
Hux: x ≠ u
Hua: a ≠ u
Hub: b ≠ u
d: val
s: R
H: s =ᵣ (∂ Let K₂ .in y ./ ∂ u .at ((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))

"Hd" : implements d s "HH" : ℓ ↦ d --------------------------------------∗ mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y u
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b, u, v: val
: loc
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hu: u = InjRV (v, #ℓ)
Hux: x ≠ u
Hua: a ≠ u
Hub: b ≠ u
d: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ u .at ((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))

"Hd" : implements d s "HH" : ℓ ↦ d --------------------------------------∗ mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y u
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b, u, v: val
: loc
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hu: u = InjRV (v, #ℓ)
Hux: x ≠ u
Hua: a ≠ u
Hub: b ≠ u
d: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ u .at ((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
v': val
ℓ': loc
Hu': u = InjRV (v', #ℓ')

"Hd" : implements d s "HH" : ℓ ↦ d --------------------------------------∗ (d : val) (s : R), implements d s ∗ ⌜s =ᵣ (∂ Let (x, (op, a, b)) :: K₂ .in y ./ ∂ u .at ((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K₁]}))⌝ ∗ ℓ' ↦ d
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b, u, v: val
: loc
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hu: u = InjRV (v, #ℓ)
Hux: x ≠ u
Hua: a ≠ u
Hub: b ≠ u
d: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ u .at ((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
Hu': u = InjRV (v, #ℓ)

"Hd" : implements d s "HH" : ℓ ↦ d --------------------------------------∗ (d : val) (s : R), implements d s ∗ ⌜s =ᵣ (∂ Let (x, (op, a, b)) :: K₂ .in y ./ ∂ u .at ((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K₁]}))⌝ ∗ ℓ ↦ d
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b, u, v: val
: loc
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hu: u = InjRV (v, #ℓ)
Hux: x ≠ u
Hua: a ≠ u
Hub: b ≠ u
d: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ u .at ((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
Hu': u = InjRV (v, #ℓ)

"Hd" : implements d s "HH" : ℓ ↦ d --------------------------------------∗ implements d s ∗ ⌜s =ᵣ (∂ Let (x, (op, a, b)) :: K₂ .in y ./ ∂ u .at ((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K₁]}))⌝ ∗ ℓ ↦ d
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b, u, v: val
: loc
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hu: u = InjRV (v, #ℓ)
Hux: x ≠ u
Hua: a ≠ u
Hub: b ≠ u
d: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ u .at ((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
Hu': u = InjRV (v, #ℓ)

--------------------------------------∗ ⌜s =ᵣ (∂ Let (x, (op, a, b)) :: K₂ .in y ./ ∂ u .at ((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K₁]}))⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b, u, v: val
: loc
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hu: u = InjRV (v, #ℓ)
Hux: x ≠ u
Hua: a ≠ u
Hub: b ≠ u
d: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ u .at ((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
Hu': u = InjRV (v, #ℓ)

s =ᵣ (∂ Let (x, (op, a, b)) :: K₂ .in y ./ ∂ u .at ((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K₁]}))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b, u, v: val
: loc
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hu: u = InjRV (v, #ℓ)
Hux: x ≠ u
Hua: a ≠ u
Hub: b ≠ u
d: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ u .at ((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
Hu': u = InjRV (v, #ℓ)

s =ᵣ (∂ Let (x, (op, a, b)) :: K₂ .in y ./ ∂ u .at (ϱ .{[ K₁]}))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b, u, v: val
: loc
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hu: u = InjRV (v, #ℓ)
Hux: x ≠ u
Hua: a ≠ u
Hub: b ≠ u
d: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ u .at ((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
Hu': u = InjRV (v, #ℓ)

(∂ Let K₂ .in y ./ ∂ u .at ((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]})) =ᵣ ((∂ Let K₂ .in y ./ ∂ u .at ((ϱ .{[ K₁]}) .{[ x := denote op ((ϱ .{[ K₁]}) a) ((ϱ .{[ K₁]}) b)]})) +ᵣ (∂ Let K₂ .in y ./ ∂ x .at ((ϱ .{[ K₁]}) .{[ x := denote op ((ϱ .{[ K₁]}) a) ((ϱ .{[ K₁]}) b)]})) ×ᵣ (∂ Node val op (Leaf val a) (Leaf val b) ./ ∂ u .at (ϱ .{[ K₁]})))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b, u, v: val
: loc
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hu: u = InjRV (v, #ℓ)
Hux: x ≠ u
Hua: a ≠ u
Hub: b ≠ u
d: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ u .at ((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
Hu': u = InjRV (v, #ℓ)

(∂ Let K₂ .in y ./ ∂ u .at ((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]})) =ᵣ ((∂ Let K₂ .in y ./ ∂ u .at ((ϱ .{[ K₁]}) .{[ x := denote op ((ϱ .{[ K₁]}) a) ((ϱ .{[ K₁]}) b)]})) +ᵣ (∂ Let K₂ .in y ./ ∂ x .at ((ϱ .{[ K₁]}) .{[ x := denote op ((ϱ .{[ K₁]}) a) ((ϱ .{[ K₁]}) b)]})) ×ᵣ (Oᵣ))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b, u, v: val
: loc
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hu: u = InjRV (v, #ℓ)
Hux: x ≠ u
Hua: a ≠ u
Hub: b ≠ u
d: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ u .at ((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
Hu': u = InjRV (v, #ℓ)
(∂ Node val op (Leaf val a) (Leaf val b) ./ ∂ u .at (ϱ .{[ K₁]})) =ᵣ Oᵣ
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b, u, v: val
: loc
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hu: u = InjRV (v, #ℓ)
Hux: x ≠ u
Hua: a ≠ u
Hub: b ≠ u
d: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ u .at ((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
Hu': u = InjRV (v, #ℓ)

(∂ Let K₂ .in y ./ ∂ u .at ((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]})) =ᵣ ((∂ Let K₂ .in y ./ ∂ u .at ((ϱ .{[ K₁]}) .{[ x := denote op ((ϱ .{[ K₁]}) a) ((ϱ .{[ K₁]}) b)]})) +ᵣ (∂ Let K₂ .in y ./ ∂ x .at ((ϱ .{[ K₁]}) .{[ x := denote op ((ϱ .{[ K₁]}) a) ((ϱ .{[ K₁]}) b)]})) ×ᵣ (Oᵣ))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b, u, v: val
: loc
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hu: u = InjRV (v, #ℓ)
Hux: x ≠ u
Hua: a ≠ u
Hub: b ≠ u
d: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ u .at ((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
Hu': u = InjRV (v, #ℓ)

(∂ Let K₂ .in y ./ ∂ u .at ((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]})) =ᵣ ((∂ Let K₂ .in y ./ ∂ u .at ((ϱ .{[ K₁]}) .{[ x := denote op ((ϱ .{[ K₁]}) a) ((ϱ .{[ K₁]}) b)]})) +ᵣ (Oᵣ) ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ((ϱ .{[ K₁]}) .{[ x := denote op ((ϱ .{[ K₁]}) a) ((ϱ .{[ K₁]}) b)]})))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b, u, v: val
: loc
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hu: u = InjRV (v, #ℓ)
Hux: x ≠ u
Hua: a ≠ u
Hub: b ≠ u
d: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ u .at ((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
Hu': u = InjRV (v, #ℓ)

(∂ Let K₂ .in y ./ ∂ u .at ((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]})) =ᵣ ((∂ Let K₂ .in y ./ ∂ u .at ((ϱ .{[ K₁]}) .{[ x := denote op ((ϱ .{[ K₁]}) a) ((ϱ .{[ K₁]}) b)]})) +ᵣ Oᵣ)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b, u, v: val
: loc
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hu: u = InjRV (v, #ℓ)
Hux: x ≠ u
Hua: a ≠ u
Hub: b ≠ u
d: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ u .at ((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
Hu': u = InjRV (v, #ℓ)

(∂ Let K₂ .in y ./ ∂ u .at ((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]})) =ᵣ (Oᵣ +ᵣ (∂ Let K₂ .in y ./ ∂ u .at ((ϱ .{[ K₁]}) .{[ x := denote op ((ϱ .{[ K₁]}) a) ((ϱ .{[ K₁]}) b)]})))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b, u, v: val
: loc
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hu: u = InjRV (v, #ℓ)
Hux: x ≠ u
Hua: a ≠ u
Hub: b ≠ u
d: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ u .at ((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
Hu': u = InjRV (v, #ℓ)

(∂ Let K₂ .in y ./ ∂ u .at ((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]})) =ᵣ (∂ Let K₂ .in y ./ ∂ u .at ((ϱ .{[ K₁]}) .{[ x := denote op ((ϱ .{[ K₁]}) a) ((ϱ .{[ K₁]}) b)]}))
rewrite extension_snoc //=; done.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b, u, v: val
: loc
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hu: u = InjRV (v, #ℓ)
Hux: x ≠ u
Hua: a ≠ u
Hub: b ≠ u
d: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ u .at ((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
Hu': u = InjRV (v, #ℓ)

(∂ Node val op (Leaf val a) (Leaf val b) ./ ∂ u .at (ϱ .{[ K₁]})) =ᵣ Oᵣ
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b, u, v: val
: loc
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hu: u = InjRV (v, #ℓ)
Hux: x ≠ u
Hua: a ≠ u
Hub: b ≠ u
d: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ u .at ((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
Hu': u = InjRV (v, #ℓ)

(∂ Node val op (Leaf val a) (Leaf val b) ./ ∂ u .at (ϱ .{[ K₁]})) =ᵣ Oᵣ
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x, a, b, u, v: val
: loc
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hu: u = InjRV (v, #ℓ)
Hux: x ≠ u
Hua: a ≠ u
Hub: b ≠ u
d: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ u .at ((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K₁ ++ [(x, (Add, a, b))]]}))
Hu': u = InjRV (v, #ℓ)

(Oᵣ +ᵣ Oᵣ) =ᵣ Oᵣ
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x, a, b, u, v: val
: loc
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hu: u = InjRV (v, #ℓ)
Hux: x ≠ u
Hua: a ≠ u
Hub: b ≠ u
d: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ u .at ((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K₁ ++ [(x, (Mul, a, b))]]}))
Hu': u = InjRV (v, #ℓ)
((Oᵣ) ×ᵣ (ϱ .{[ K₁]}) b +ᵣ (ϱ .{[ K₁]}) a ×ᵣ (Oᵣ)) =ᵣ Oᵣ
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x, a, b, u, v: val
: loc
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hu: u = InjRV (v, #ℓ)
Hux: x ≠ u
Hua: a ≠ u
Hub: b ≠ u
d: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ u .at ((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K₁ ++ [(x, (Add, a, b))]]}))
Hu': u = InjRV (v, #ℓ)

(Oᵣ +ᵣ Oᵣ) =ᵣ Oᵣ
rewrite (SRadd_0_l is_semi_ring); done.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x, a, b, u, v: val
: loc
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hu: u = InjRV (v, #ℓ)
Hux: x ≠ u
Hua: a ≠ u
Hub: b ≠ u
d: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ u .at ((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K₁ ++ [(x, (Mul, a, b))]]}))
Hu': u = InjRV (v, #ℓ)

((Oᵣ) ×ᵣ (ϱ .{[ K₁]}) b +ᵣ (ϱ .{[ K₁]}) a ×ᵣ (Oᵣ)) =ᵣ Oᵣ
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x, a, b, u, v: val
: loc
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hu: u = InjRV (v, #ℓ)
Hux: x ≠ u
Hua: a ≠ u
Hub: b ≠ u
d: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ u .at ((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K₁ ++ [(x, (Mul, a, b))]]}))
Hu': u = InjRV (v, #ℓ)

(Oᵣ +ᵣ (ϱ .{[ K₁]}) a ×ᵣ (Oᵣ)) =ᵣ Oᵣ
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x, a, b, u, v: val
: loc
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hu: u = InjRV (v, #ℓ)
Hux: x ≠ u
Hua: a ≠ u
Hub: b ≠ u
d: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ u .at ((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K₁ ++ [(x, (Mul, a, b))]]}))
Hu': u = InjRV (v, #ℓ)

(Oᵣ +ᵣ (Oᵣ) ×ᵣ (ϱ .{[ K₁]}) a) =ᵣ Oᵣ
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x, a, b, u, v: val
: loc
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hu: u = InjRV (v, #ℓ)
Hux: x ≠ u
Hua: a ≠ u
Hub: b ≠ u
d: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ u .at ((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ K₁ ++ [(x, (Mul, a, b))]]}))
Hu': u = InjRV (v, #ℓ)

(Oᵣ +ᵣ Oᵣ) =ᵣ Oᵣ
rewrite (SRadd_0_l is_semi_ring); done. } Qed. (* Remark: the first assumptions could be suppressed, but in the actual proof they are easily met. *)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val

( a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)) → NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]) → x ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)] → b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)] → backward_inv (K₁ ++ [(x, (op, a, b))]) K₂ y -∗ mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y x ∗ both_mapto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y a b ∗ (both_mapto_diff K₁ ((x, (op, a, b)) :: K₂) y a b -∗ backward_inv K₁ ((x, (op, a, b)) :: K₂) y)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val

( a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)) → NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]) → x ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)] → b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); InjRV (nᵣ, #ℓₓ)] → backward_inv (K₁ ++ [(x, (op, a, b))]) K₂ y -∗ mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y x ∗ both_mapto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y a b ∗ (both_mapto_diff K₁ ((x, (op, a, b)) :: K₂) y a b -∗ backward_inv K₁ ((x, (op, a, b)) :: K₂) y)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val

( a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)) → NoDup (defs K₁ ++ [aₓ]) → x ∉ defs K₁ ++ [aₓ] → a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ] → b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ] → backward_inv (K₁ ++ [(x, (op, a, b))]) K₂ y -∗ mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y x ∗ both_mapto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y a b ∗ (both_mapto_diff K₁ ((x, (op, a, b)) :: K₂) y a b -∗ backward_inv K₁ ((x, (op, a, b)) :: K₂) y)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R

( a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)) → NoDup (defs K₁ ++ [aₓ]) → x ∉ defs K₁ ++ [aₓ] → a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ] → b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ] → backward_inv (K₁ ++ [(x, (op, a, b))]) K₂ y -∗ mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y x ∗ both_mapto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y a b ∗ (both_mapto_diff K₁ ((x, (op, a, b)) :: K₂) y a b -∗ backward_inv K₁ ((x, (op, a, b)) :: K₂) y)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]

backward_inv (K₁ ++ [(x, (op, a, b))]) K₂ y -∗ mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y x ∗ both_mapto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y a b ∗ (both_mapto_diff K₁ ((x, (op, a, b)) :: K₂) y a b -∗ backward_inv K₁ ((x, (op, a, b)) :: K₂) y)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
H: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}))

"HK₁" : [∗ list] u ∈ (defs (K₁ ++ [(x, (op, a, b))]) ++ [InjRV (nᵣ, #ℓₓ)]), (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y u ∗ ⌜u = InjRV (v, #ℓ)⌝ --------------------------------------∗ mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y x ∗ both_mapto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y a b ∗ (both_mapto_diff K₁ ((x, (op, a, b)) :: K₂) y a b -∗ backward_inv K₁ ((x, (op, a, b)) :: K₂) y)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}))

"HK₁" : [∗ list] u ∈ (defs (K₁ ++ [(x, (op, a, b))]) ++ [InjRV (nᵣ, #ℓₓ)]), (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y u ∗ ⌜u = InjRV (v, #ℓ)⌝ --------------------------------------∗ mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y x ∗ both_mapto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y a b ∗ (both_mapto_diff K₁ ((x, (op, a, b)) :: K₂) y a b -∗ backward_inv K₁ ((x, (op, a, b)) :: K₂) y)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)

"HK₁" : [∗ list] u ∈ (defs (K₁ ++ [(x, (op, a, b))]) ++ [InjRV (nᵣ, #ℓₓ)]), (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y u ∗ ⌜u = InjRV (v, #ℓ)⌝ --------------------------------------∗ mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y x ∗ both_mapto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y a b ∗ (both_mapto_diff K₁ ((x, (op, a, b)) :: K₂) y a b -∗ backward_inv K₁ ((x, (op, a, b)) :: K₂) y)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)

"HK₁" : [∗ list] u ∈ (defs (K₁ ++ [(x, (op, a, b))]) ++ [aₓ]), (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y u ∗ ⌜u = InjRV (v, #ℓ)⌝ --------------------------------------∗ mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y x ∗ both_mapto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y a b ∗ (both_mapto_diff K₁ ((x, (op, a, b)) :: K₂) y a b -∗ backward_inv K₁ ((x, (op, a, b)) :: K₂) y)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)

"HK₁" : [∗ list] u ∈ ((defs K₁ ++ [x]) ++ [aₓ]), (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y u ∗ ⌜ u = InjRV (v, #ℓ)⌝ --------------------------------------∗ mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y x ∗ both_mapto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y a b ∗ (both_mapto_diff K₁ ((x, (op, a, b)) :: K₂) y a b -∗ backward_inv K₁ ((x, (op, a, b)) :: K₂) y)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)

"HK₁" : [∗ list] x0 ∈ (x :: defs K₁ ++ [aₓ]), (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y x0 ∗ ⌜ x0 = InjRV (v, #ℓ)⌝ --------------------------------------∗ mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y x ∗ both_mapto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y a b ∗ (both_mapto_diff K₁ ((x, (op, a, b)) :: K₂) y a b -∗ backward_inv K₁ ((x, (op, a, b)) :: K₂) y)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)

"Hx" : (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y x ∗ ⌜x = InjRV (v, #ℓ)⌝ "HK₁" : [∗ list] y0 ∈ (defs K₁ ++ [aₓ]), (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y0 ∗ ⌜y0 = InjRV (v, #ℓ)⌝ --------------------------------------∗ mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y x ∗ both_mapto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y a b ∗ (both_mapto_diff K₁ ((x, (op, a, b)) :: K₂) y a b -∗ backward_inv K₁ ((x, (op, a, b)) :: K₂) y)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc

"HK₁" : [∗ list] y0 ∈ (defs K₁ ++ [aₓ]), (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y0 ∗ ⌜y0 = InjRV (v, #ℓ)⌝ --------------------------------------∗ both_mapto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y a b ∗ (both_mapto_diff K₁ ((x, (op, a, b)) :: K₂) y a b -∗ backward_inv K₁ ((x, (op, a, b)) :: K₂) y)
(* TODO: cleanup. *)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc

(a ∈ defs K₁ ++ [aₓ] ∨ a = InjLV (InjLV #()) ∨ a = InjLV (InjRV #())) ∧ (b ∈ defs K₁ ++ [aₓ] ∨ b = InjLV (InjLV #()) ∨ b = InjLV (InjRV #()))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a ∈ defs K₁ ++ [aₓ] ∨ a = InjLV (InjLV #()) ∨ a = InjLV (InjRV #())
Hb': b ∈ defs K₁ ++ [aₓ] ∨ b = InjLV (InjLV #()) ∨ b = InjLV (InjRV #())
"HK₁" : [∗ list] y0 ∈ (defs K₁ ++ [aₓ]), (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y0 ∗ ⌜y0 = InjRV (v, #ℓ)⌝ --------------------------------------∗ both_mapto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y a b ∗ (both_mapto_diff K₁ ((x, (op, a, b)) :: K₂) y a b -∗ backward_inv K₁ ((x, (op, a, b)) :: K₂) y)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc

(a ∈ defs K₁ ++ [aₓ] ∨ a = InjLV (InjLV #()) ∨ a = InjLV (InjRV #())) ∧ (b ∈ defs K₁ ++ [aₓ] ∨ b = InjLV (InjLV #()) ∨ b = InjLV (InjRV #()))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc

a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ] → b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ] → (a ∈ defs K₁ ++ [aₓ] ∨ a = InjLV (InjLV #()) ∨ a = InjLV (InjRV #())) ∧ (b ∈ defs K₁ ++ [aₓ] ∨ b = InjLV (InjLV #()) ∨ b = InjLV (InjRV #()))
rewrite !elem_of_app !elem_of_cons; naive_solver.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a ∈ defs K₁ ++ [aₓ] ∨ a = InjLV (InjLV #()) ∨ a = InjLV (InjRV #())
Hb': b ∈ defs K₁ ++ [aₓ] ∨ b = InjLV (InjLV #()) ∨ b = InjLV (InjRV #())

"HK₁" : [∗ list] y0 ∈ (defs K₁ ++ [aₓ]), (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y0 ∗ ⌜y0 = InjRV (v, #ℓ)⌝ --------------------------------------∗ both_mapto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y a b ∗ (both_mapto_diff K₁ ((x, (op, a, b)) :: K₂) y a b -∗ backward_inv K₁ ((x, (op, a, b)) :: K₂) y)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a ∈ defs K₁ ++ [aₓ]
Hb': b ∈ defs K₁ ++ [aₓ]

"HK₁" : [∗ list] y0 ∈ (defs K₁ ++ [aₓ]), (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y0 ∗ ⌜y0 = InjRV (v, #ℓ)⌝ --------------------------------------∗ both_mapto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y a b ∗ (both_mapto_diff K₁ ((x, (op, a, b)) :: K₂) y a b -∗ backward_inv K₁ ((x, (op, a, b)) :: K₂) y)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a ∈ defs K₁ ++ [aₓ]
Hb': b = InjLV (InjLV #()) ∨ b = InjLV (InjRV #())
"HK₁" : [∗ list] y0 ∈ (defs K₁ ++ [aₓ]), (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y0 ∗ ⌜y0 = InjRV (v, #ℓ)⌝ --------------------------------------∗ both_mapto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y a b ∗ (both_mapto_diff K₁ ((x, (op, a, b)) :: K₂) y a b -∗ backward_inv K₁ ((x, (op, a, b)) :: K₂) y)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a = InjLV (InjLV #()) ∨ a = InjLV (InjRV #())
Hb': b ∈ defs K₁ ++ [aₓ]
"HK₁" : [∗ list] y0 ∈ (defs K₁ ++ [aₓ]), (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y0 ∗ ⌜y0 = InjRV (v, #ℓ)⌝ --------------------------------------∗ both_mapto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y a b ∗ (both_mapto_diff K₁ ((x, (op, a, b)) :: K₂) y a b -∗ backward_inv K₁ ((x, (op, a, b)) :: K₂) y)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a = InjLV (InjLV #()) ∨ a = InjLV (InjRV #())
Hb': b = InjLV (InjLV #()) ∨ b = InjLV (InjRV #())
"HK₁" : [∗ list] y0 ∈ (defs K₁ ++ [aₓ]), (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y0 ∗ ⌜y0 = InjRV (v, #ℓ)⌝ --------------------------------------∗ both_mapto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y a b ∗ (both_mapto_diff K₁ ((x, (op, a, b)) :: K₂) y a b -∗ backward_inv K₁ ((x, (op, a, b)) :: K₂) y)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a ∈ defs K₁ ++ [aₓ]
Hb': b ∈ defs K₁ ++ [aₓ]

"HK₁" : [∗ list] y0 ∈ (defs K₁ ++ [aₓ]), (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y0 ∗ ⌜y0 = InjRV (v, #ℓ)⌝ --------------------------------------∗ both_mapto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y a b ∗ (both_mapto_diff K₁ ((x, (op, a, b)) :: K₂) y a b -∗ backward_inv K₁ ((x, (op, a, b)) :: K₂) y)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a ∈ defs K₁ ++ [aₓ]
Hb': b ∈ defs K₁ ++ [aₓ]
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some a

"HK₁" : [∗ list] y0 ∈ (defs K₁ ++ [aₓ]), (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y0 ∗ ⌜y0 = InjRV (v, #ℓ)⌝ --------------------------------------∗ both_mapto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y a b ∗ (both_mapto_diff K₁ ((x, (op, a, b)) :: K₂) y a b -∗ backward_inv K₁ ((x, (op, a, b)) :: K₂) y)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a ∈ defs K₁ ++ [aₓ]
Hb': b ∈ defs K₁ ++ [aₓ]
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some a
j: nat
Hj: (defs K₁ ++ [aₓ]) !! j = Some b

"HK₁" : [∗ list] y0 ∈ (defs K₁ ++ [aₓ]), (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y0 ∗ ⌜y0 = InjRV (v, #ℓ)⌝ --------------------------------------∗ both_mapto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y a b ∗ (both_mapto_diff K₁ ((x, (op, a, b)) :: K₂) y a b -∗ backward_inv K₁ ((x, (op, a, b)) :: K₂) y)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a ∈ defs K₁ ++ [aₓ]
Hb': b ∈ defs K₁ ++ [aₓ]
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some a
j: nat
Hj: (defs K₁ ++ [aₓ]) !! j = Some b

"HK₁" : ( (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y a ∗ ⌜a = InjRV (v, #ℓ)⌝) ∗ ([∗ list] k↦y0 ∈ (defs K₁ ++ [aₓ]), ⌜k ≠ i⌝ → (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y0 ∗ ⌜ y0 = InjRV (v, #ℓ)⌝) --------------------------------------∗ both_mapto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y a b ∗ (both_mapto_diff K₁ ((x, (op, a, b)) :: K₂) y a b -∗ backward_inv K₁ ((x, (op, a, b)) :: K₂) y)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a ∈ defs K₁ ++ [aₓ]
Hb': b ∈ defs K₁ ++ [aₓ]
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some a
j: nat
Hj: (defs K₁ ++ [aₓ]) !! j = Some b

"HK₁" : ( (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y a ∗ ⌜a = InjRV (v, #ℓ)⌝) ∗ (⌜j ≠ i⌝ → (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y b ∗ ⌜b = InjRV (v, #ℓ)⌝) ∗ ([∗ list] k↦y0 ∈ (defs K₁ ++ [aₓ]), ⌜k ≠ j⌝ → ⌜k ≠ i⌝ → (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y0 ∗ ⌜ y0 = InjRV (v, #ℓ)⌝) --------------------------------------∗ both_mapto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y a b ∗ (both_mapto_diff K₁ ((x, (op, a, b)) :: K₂) y a b -∗ backward_inv K₁ ((x, (op, a, b)) :: K₂) y)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a ∈ defs K₁ ++ [aₓ]
Hb': b ∈ defs K₁ ++ [aₓ]
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some a
j: nat
Hj: (defs K₁ ++ [aₓ]) !! j = Some b

"Ha" : (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y a ∗ ⌜a = InjRV (v, #ℓ)⌝ "Hb" : ⌜j ≠ i⌝ → (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y b ∗ ⌜b = InjRV (v, #ℓ)⌝ "HK₁" : [∗ list] k↦y0 ∈ (defs K₁ ++ [aₓ]), ⌜k ≠ j⌝ → ⌜k ≠ i⌝ → (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y0 ∗ ⌜ y0 = InjRV (v, #ℓ)⌝ --------------------------------------∗ both_mapto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y a b ∗ (both_mapto_diff K₁ ((x, (op, a, b)) :: K₂) y a b -∗ backward_inv K₁ ((x, (op, a, b)) :: K₂) y)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a ∈ defs K₁ ++ [aₓ]
Hb': b ∈ defs K₁ ++ [aₓ]
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some a
j: nat
Hj: (defs K₁ ++ [aₓ]) !! j = Some b

"Ha" : (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y a ∗ ⌜a = InjRV (v, #ℓ)⌝ --------------------------------------∗ is_adj_var a ∗ mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y a
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a ∈ defs K₁ ++ [aₓ]
Hb': b ∈ defs K₁ ++ [aₓ]
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some a
j: nat
Hj: (defs K₁ ++ [aₓ]) !! j = Some b
"Hb" : ⌜j ≠ i⌝ → (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y b ∗ ⌜b = InjRV (v, #ℓ)⌝ --------------------------------------∗ ⌜a ≠ b⌝ -∗ is_adj_var b ∗ mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y b
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a ∈ defs K₁ ++ [aₓ]
Hb': b ∈ defs K₁ ++ [aₓ]
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some a
j: nat
Hj: (defs K₁ ++ [aₓ]) !! j = Some b
"HK₁" : [∗ list] k↦y0 ∈ (defs K₁ ++ [aₓ]), ⌜k ≠ j⌝ → ⌜k ≠ i⌝ → (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y0 ∗ ⌜y0 = InjRV (v, #ℓ)⌝ --------------------------------------∗ both_mapto_diff K₁ ((x, (op, a, b)) :: K₂) y a b -∗ backward_inv K₁ ((x, (op, a, b)) :: K₂) y
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a ∈ defs K₁ ++ [aₓ]
Hb': b ∈ defs K₁ ++ [aₓ]
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some a
j: nat
Hj: (defs K₁ ++ [aₓ]) !! j = Some b

"Ha" : (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y a ∗ ⌜a = InjRV (v, #ℓ)⌝ --------------------------------------∗ is_adj_var a ∗ mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y a
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
w: val
ℓ': loc
Ha: InjRV (w, #ℓ') ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, InjRV (w, #ℓ'), b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': InjRV (w, #ℓ') ∈ defs K₁ ++ [aₓ]
Hb': b ∈ defs K₁ ++ [aₓ]
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some (InjRV (w, #ℓ'))
j: nat
Hj: (defs K₁ ++ [aₓ]) !! j = Some b

"Hy" : mapsto_diff (K₁ ++ [(x, (op, InjRV (w, #ℓ'), b))]) K₂ y (InjRV (w, #ℓ')) --------------------------------------∗ is_adj_var (InjRV (w, #ℓ')) ∗ mapsto_diff (K₁ ++ [(x, (op, InjRV (w, #ℓ'), b))]) K₂ y (InjRV (w, #ℓ'))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
w: val
ℓ': loc
Ha: InjRV (w, #ℓ') ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, InjRV (w, #ℓ'), b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': InjRV (w, #ℓ') ∈ defs K₁ ++ [aₓ]
Hb': b ∈ defs K₁ ++ [aₓ]
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some (InjRV (w, #ℓ'))
j: nat
Hj: (defs K₁ ++ [aₓ]) !! j = Some b

--------------------------------------∗ is_adj_var (InjRV (w, #ℓ'))
iPureIntro; right; naive_solver.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a ∈ defs K₁ ++ [aₓ]
Hb': b ∈ defs K₁ ++ [aₓ]
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some a
j: nat
Hj: (defs K₁ ++ [aₓ]) !! j = Some b

"Hb" : ⌜j ≠ i⌝ → (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y b ∗ ⌜b = InjRV (v, #ℓ)⌝ --------------------------------------∗ ⌜a ≠ b⌝ -∗ is_adj_var b ∗ mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y b
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a ∈ defs K₁ ++ [aₓ]
Hb': b ∈ defs K₁ ++ [aₓ]
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some a
j: nat
Hj: (defs K₁ ++ [aₓ]) !! j = Some b
Hab: a ≠ b

"Hb" : ⌜j ≠ i⌝ → (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y b ∗ ⌜b = InjRV (v, #ℓ)⌝ --------------------------------------∗ is_adj_var b ∗ mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y b
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a ∈ defs K₁ ++ [aₓ]
Hb': b ∈ defs K₁ ++ [aₓ]
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some a
j: nat
Hj: (defs K₁ ++ [aₓ]) !! j = Some b
Hab: a ≠ b

"Hb" : (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y b ∗ ⌜b = InjRV (v, #ℓ)⌝ --------------------------------------∗ is_adj_var b ∗ mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y b
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
w: val
ℓ': loc
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, InjRV (w, #ℓ')))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
Hb: InjRV (w, #ℓ') ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
v: val
: loc
Ha': a ∈ defs K₁ ++ [aₓ]
Hb': InjRV (w, #ℓ') ∈ defs K₁ ++ [aₓ]
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some a
j: nat
Hab: a ≠ InjRV (w, #ℓ')
Hj: (defs K₁ ++ [aₓ]) !! j = Some (InjRV (w, #ℓ'))

"Hy" : mapsto_diff (K₁ ++ [(x, (op, a, InjRV (w, #ℓ')))]) K₂ y (InjRV (w, #ℓ')) --------------------------------------∗ is_adj_var (InjRV (w, #ℓ')) ∗ mapsto_diff (K₁ ++ [(x, (op, a, InjRV (w, #ℓ')))]) K₂ y (InjRV (w, #ℓ'))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
w: val
ℓ': loc
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, InjRV (w, #ℓ')))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
Hb: InjRV (w, #ℓ') ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
v: val
: loc
Ha': a ∈ defs K₁ ++ [aₓ]
Hb': InjRV (w, #ℓ') ∈ defs K₁ ++ [aₓ]
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some a
j: nat
Hab: a ≠ InjRV (w, #ℓ')
Hj: (defs K₁ ++ [aₓ]) !! j = Some (InjRV (w, #ℓ'))

--------------------------------------∗ is_adj_var (InjRV (w, #ℓ'))
iPureIntro; right; naive_solver.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a ∈ defs K₁ ++ [aₓ]
Hb': b ∈ defs K₁ ++ [aₓ]
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some a
j: nat
Hj: (defs K₁ ++ [aₓ]) !! j = Some b

"HK₁" : [∗ list] k↦y0 ∈ (defs K₁ ++ [aₓ]), ⌜k ≠ j⌝ → ⌜k ≠ i⌝ → (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y0 ∗ ⌜ y0 = InjRV (v, #ℓ)⌝ --------------------------------------∗ both_mapto_diff K₁ ((x, (op, a, b)) :: K₂) y a b -∗ backward_inv K₁ ((x, (op, a, b)) :: K₂) y
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a ∈ defs K₁ ++ [aₓ]
Hb': b ∈ defs K₁ ++ [aₓ]
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some a
j: nat
Hj: (defs K₁ ++ [aₓ]) !! j = Some b
av: val
ℓa: loc
Ha'': a = InjRV (av, #ℓa)

"HK₁" : [∗ list] k↦y0 ∈ (defs K₁ ++ [aₓ]), ⌜k ≠ j⌝ → ⌜k ≠ i⌝ → (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y0 ∗ ⌜ y0 = InjRV (v, #ℓ)⌝ --------------------------------------∗ both_mapto_diff K₁ ((x, (op, a, b)) :: K₂) y a b -∗ backward_inv K₁ ((x, (op, a, b)) :: K₂) y
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a ∈ defs K₁ ++ [aₓ]
Hb': b ∈ defs K₁ ++ [aₓ]
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some a
j: nat
Hj: (defs K₁ ++ [aₓ]) !! j = Some b
av: val
ℓa: loc
Ha'': a = InjRV (av, #ℓa)
bv: val
ℓb: loc
Hb'': b = InjRV (bv, #ℓb)

"HK₁" : [∗ list] k↦y0 ∈ (defs K₁ ++ [aₓ]), ⌜k ≠ j⌝ → ⌜k ≠ i⌝ → (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y0 ∗ ⌜ y0 = InjRV (v, #ℓ)⌝ --------------------------------------∗ both_mapto_diff K₁ ((x, (op, a, b)) :: K₂) y a b -∗ backward_inv K₁ ((x, (op, a, b)) :: K₂) y
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a ∈ defs K₁ ++ [aₓ]
Hb': b ∈ defs K₁ ++ [aₓ]
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some a
j: nat
Hj: (defs K₁ ++ [aₓ]) !! j = Some b
av: val
ℓa: loc
Ha'': a = InjRV (av, #ℓa)
bv: val
ℓb: loc
Hb'': b = InjRV (bv, #ℓb)

"HK₁" : [∗ list] k↦y0 ∈ (defs K₁ ++ [aₓ]), ⌜k ≠ j⌝ → ⌜k ≠ i⌝ → (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y0 ∗ ⌜ y0 = InjRV (v, #ℓ)⌝ "Ha" : mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y a "Hb" : ⌜a ≠ b⌝ -∗ is_adj_var b ∗ mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y b --------------------------------------∗ backward_inv K₁ ((x, (op, a, b)) :: K₂) y
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a ∈ defs K₁ ++ [aₓ]
Hb': b ∈ defs K₁ ++ [aₓ]
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some a
j: nat
Hj: (defs K₁ ++ [aₓ]) !! j = Some b
av: val
ℓa: loc
Ha'': a = InjRV (av, #ℓa)
bv: val
ℓb: loc
Hb'': b = InjRV (bv, #ℓb)

"HK₁" : [∗ list] k↦y0 ∈ (defs K₁ ++ [aₓ]), ⌜k ≠ j⌝ → ⌜k ≠ i⌝ → (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y0 ∗ ⌜ y0 = InjRV (v, #ℓ)⌝ "Ha" : mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y a "Hb" : ⌜a ≠ b⌝ -∗ is_adj_var b ∗ mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y b --------------------------------------∗ [∗ list] u ∈ (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]), (v : val) ( : loc), mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y u ∗ ⌜ u = InjRV (v, #ℓ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a ∈ defs K₁ ++ [aₓ]
Hb': b ∈ defs K₁ ++ [aₓ]
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some a
j: nat
Hj: (defs K₁ ++ [aₓ]) !! j = Some b
av: val
ℓa: loc
Ha'': a = InjRV (av, #ℓa)
bv: val
ℓb: loc
Hb'': b = InjRV (bv, #ℓb)

"HK₁" : [∗ list] k↦y0 ∈ (defs K₁ ++ [aₓ]), ⌜k ≠ j⌝ → ⌜k ≠ i⌝ → (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y0 ∗ ⌜ y0 = InjRV (v, #ℓ)⌝ "Ha" : mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y a "Hb" : ⌜a ≠ b⌝ -∗ is_adj_var b ∗ mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y b --------------------------------------∗ ( (H : val) ( : loc), mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y a ∗ ⌜a = InjRV (H, #ℓ)⌝) ∗ ([∗ list] k↦y0 ∈ (defs K₁ ++ [aₓ]), ⌜k ≠ i⌝ → (H : val) ( : loc), mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y y0 ∗ ⌜y0 = InjRV (H, #ℓ)⌝)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a ∈ defs K₁ ++ [aₓ]
Hb': b ∈ defs K₁ ++ [aₓ]
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some a
j: nat
Hj: (defs K₁ ++ [aₓ]) !! j = Some b
av: val
ℓa: loc
Ha'': a = InjRV (av, #ℓa)
bv: val
ℓb: loc
Hb'': b = InjRV (bv, #ℓb)

"HK₁" : [∗ list] k↦y0 ∈ (defs K₁ ++ [aₓ]), ⌜k ≠ j⌝ → ⌜k ≠ i⌝ → (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y0 ∗ ⌜ y0 = InjRV (v, #ℓ)⌝ "Ha" : mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y a "Hb" : ⌜a ≠ b⌝ -∗ is_adj_var b ∗ mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y b --------------------------------------∗ ( (H : val) ( : loc), mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y a ∗ ⌜a = InjRV (H, #ℓ)⌝) ∗ (⌜j ≠ i⌝ → (H : val) ( : loc), mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y b ∗ ⌜b = InjRV (H, #ℓ)⌝) ∗ ([∗ list] k↦y0 ∈ (defs K₁ ++ [aₓ]), ⌜k ≠ j⌝ → ⌜k ≠ i⌝ → (H : val) ( : loc), mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y y0 ∗ ⌜y0 = InjRV (H, #ℓ)⌝)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a ∈ defs K₁ ++ [aₓ]
Hb': b ∈ defs K₁ ++ [aₓ]
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some a
j: nat
Hj: (defs K₁ ++ [aₓ]) !! j = Some b
av: val
ℓa: loc
Ha'': a = InjRV (av, #ℓa)
bv: val
ℓb: loc
Hb'': b = InjRV (bv, #ℓb)

"Hb" : ⌜a ≠ b⌝ -∗ is_adj_var b ∗ mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y b --------------------------------------∗ ⌜j ≠ i⌝ → (H : val) ( : loc), mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y b ∗ ⌜b = InjRV (H, #ℓ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a ∈ defs K₁ ++ [aₓ]
Hb': b ∈ defs K₁ ++ [aₓ]
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some a
j: nat
Hj: (defs K₁ ++ [aₓ]) !! j = Some b
av: val
ℓa: loc
Ha'': a = InjRV (av, #ℓa)
bv: val
ℓb: loc
Hb'': b = InjRV (bv, #ℓb)
"HK₁" : [∗ list] k↦y0 ∈ (defs K₁ ++ [aₓ]), ⌜k ≠ j⌝ → ⌜k ≠ i⌝ → (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y0 ∗ ⌜y0 = InjRV (v, #ℓ)⌝ --------------------------------------∗ [∗ list] k↦y0 ∈ (defs K₁ ++ [aₓ]), ⌜k ≠ j⌝ → ⌜k ≠ i⌝ → (H : val) ( : loc), mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y y0 ∗ ⌜y0 = InjRV (H, #ℓ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a ∈ defs K₁ ++ [aₓ]
Hb': b ∈ defs K₁ ++ [aₓ]
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some a
j: nat
Hj: (defs K₁ ++ [aₓ]) !! j = Some b
av: val
ℓa: loc
Ha'': a = InjRV (av, #ℓa)
bv: val
ℓb: loc
Hb'': b = InjRV (bv, #ℓb)

"Hb" : ⌜a ≠ b⌝ -∗ is_adj_var b ∗ mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y b --------------------------------------∗ ⌜j ≠ i⌝ → (H : val) ( : loc), mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y b ∗ ⌜b = InjRV (H, #ℓ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a ∈ defs K₁ ++ [aₓ]
Hb': b ∈ defs K₁ ++ [aₓ]
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some a
j: nat
Hj: (defs K₁ ++ [aₓ]) !! j = Some b
av: val
ℓa: loc
Ha'': a = InjRV (av, #ℓa)
bv: val
ℓb: loc
Hb'': b = InjRV (bv, #ℓb)
Hij: j ≠ i

"Hb" : ⌜a ≠ b⌝ -∗ is_adj_var b ∗ mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y b --------------------------------------∗ (H : val) ( : loc), mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y b ∗ ⌜b = InjRV (H, #ℓ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a ∈ defs K₁ ++ [aₓ]
Hb': b ∈ defs K₁ ++ [aₓ]
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some a
j: nat
Hj: (defs K₁ ++ [aₓ]) !! j = Some b
av: val
ℓa: loc
Ha'': a = InjRV (av, #ℓa)
bv: val
ℓb: loc
Hb'': b = InjRV (bv, #ℓb)
Hij: j ≠ i

"Hb" : mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y b --------------------------------------∗ (H : val) ( : loc), mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y b ∗ ⌜b = InjRV (H, #ℓ)⌝
by iExists bv, ℓb; iFrame.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a ∈ defs K₁ ++ [aₓ]
Hb': b ∈ defs K₁ ++ [aₓ]
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some a
j: nat
Hj: (defs K₁ ++ [aₓ]) !! j = Some b
av: val
ℓa: loc
Ha'': a = InjRV (av, #ℓa)
bv: val
ℓb: loc
Hb'': b = InjRV (bv, #ℓb)

"HK₁" : [∗ list] k↦y0 ∈ (defs K₁ ++ [aₓ]), ⌜k ≠ j⌝ → ⌜k ≠ i⌝ → (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y0 ∗ ⌜ y0 = InjRV (v, #ℓ)⌝ --------------------------------------∗ [∗ list] k↦y0 ∈ (defs K₁ ++ [aₓ]), ⌜k ≠ j⌝ → ⌜k ≠ i⌝ → (H : val) ( : loc), mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y y0 ∗ ⌜y0 = InjRV (H, #ℓ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a ∈ defs K₁ ++ [aₓ]
Hb': b ∈ defs K₁ ++ [aₓ]
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some a
j: nat
Hj: (defs K₁ ++ [aₓ]) !! j = Some b
av: val
ℓa: loc
Ha'': a = InjRV (av, #ℓa)
bv: val
ℓb: loc
Hb'': b = InjRV (bv, #ℓb)

(k : nat) (y0 : val), (defs K₁ ++ [aₓ]) !! k = Some y0 → (λ (k0 : nat) (y1 : val), ⌜k0 ≠ j⌝ → ⌜k0 ≠ i⌝ → (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y1 ∗ ⌜y1 = InjRV (v, #ℓ)⌝) k y0 -∗ (λ (k0 : nat) (y1 : val), ⌜k0 ≠ j⌝ → ⌜k0 ≠ i⌝ → (H : val) ( : loc), mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y y1 ∗ ⌜y1 = InjRV (H, #ℓ)⌝) k y0
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a ∈ defs K₁ ++ [aₓ]
Hb': b ∈ defs K₁ ++ [aₓ]
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some a
j: nat
Hj: (defs K₁ ++ [aₓ]) !! j = Some b
av: val
ℓa: loc
Ha'': a = InjRV (av, #ℓa)
bv: val
ℓb: loc
Hb'': b = InjRV (bv, #ℓb)
k: nat
u: val
Hk: (defs K₁ ++ [aₓ]) !! k = Some u

"Hu" : ⌜k ≠ j⌝ → ⌜k ≠ i⌝ → (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y u ∗ ⌜u = InjRV (v, #ℓ)⌝ --------------------------------------∗ ⌜k ≠ j⌝ → ⌜k ≠ i⌝ → (H : val) ( : loc), mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y u ∗ ⌜u = InjRV (H, #ℓ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a ∈ defs K₁ ++ [aₓ]
Hb': b ∈ defs K₁ ++ [aₓ]
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some a
j: nat
Hj: (defs K₁ ++ [aₓ]) !! j = Some b
av: val
ℓa: loc
Ha'': a = InjRV (av, #ℓa)
bv: val
ℓb: loc
Hb'': b = InjRV (bv, #ℓb)
k: nat
u: val
Hk: (defs K₁ ++ [aₓ]) !! k = Some u
Hkj: k ≠ j
Hki: k ≠ i

"Hu" : ⌜k ≠ j⌝ → ⌜k ≠ i⌝ → (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y u ∗ ⌜u = InjRV (v, #ℓ)⌝ --------------------------------------∗ (H : val) ( : loc), mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y u ∗ ⌜u = InjRV (H, #ℓ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a ∈ defs K₁ ++ [aₓ]
Hb': b ∈ defs K₁ ++ [aₓ]
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some a
j: nat
Hj: (defs K₁ ++ [aₓ]) !! j = Some b
av: val
ℓa: loc
Ha'': a = InjRV (av, #ℓa)
bv: val
ℓb: loc
Hb'': b = InjRV (bv, #ℓb)
k: nat
u: val
Hk: (defs K₁ ++ [aₓ]) !! k = Some u
Hkj: k ≠ j
Hki: k ≠ i
H: u ∈ defs K₁ ++ [aₓ]

"Hu" : ⌜k ≠ j⌝ → ⌜k ≠ i⌝ → (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y u ∗ ⌜u = InjRV (v, #ℓ)⌝ --------------------------------------∗ (H : val) ( : loc), mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y u ∗ ⌜u = InjRV (H, #ℓ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a ∈ defs K₁ ++ [aₓ]
Hb': b ∈ defs K₁ ++ [aₓ]
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some a
j: nat
Hj: (defs K₁ ++ [aₓ]) !! j = Some b
av: val
ℓa: loc
Ha'': a = InjRV (av, #ℓa)
bv: val
ℓb: loc
Hb'': b = InjRV (bv, #ℓb)
k: nat
w: val
ℓ': loc
Hk: (defs K₁ ++ [aₓ]) !! k = Some (InjRV (w, #ℓ'))
Hkj: k ≠ j
Hki: k ≠ i
H: InjRV (w, #ℓ') ∈ defs K₁ ++ [aₓ]

"Hu" : mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y (InjRV (w, #ℓ')) --------------------------------------∗ (H : val) ( : loc), mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y (InjRV (w, #ℓ')) ∗ ⌜InjRV (w, #ℓ') = InjRV (H, #ℓ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a ∈ defs K₁ ++ [aₓ]
Hb': b ∈ defs K₁ ++ [aₓ]
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some a
j: nat
Hj: (defs K₁ ++ [aₓ]) !! j = Some b
av: val
ℓa: loc
Ha'': a = InjRV (av, #ℓa)
bv: val
ℓb: loc
Hb'': b = InjRV (bv, #ℓb)
k: nat
w: val
ℓ': loc
Hk: (defs K₁ ++ [aₓ]) !! k = Some (InjRV (w, #ℓ'))
Hkj: k ≠ j
Hki: k ≠ i
H: InjRV (w, #ℓ') ∈ defs K₁ ++ [aₓ]

"Hu" : mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y (InjRV (w, #ℓ')) --------------------------------------∗ mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y (InjRV (w, #ℓ')) ∗ ⌜InjRV (w, #ℓ') = InjRV (w, #ℓ')⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a ∈ defs K₁ ++ [aₓ]
Hb': b ∈ defs K₁ ++ [aₓ]
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some a
j: nat
Hj: (defs K₁ ++ [aₓ]) !! j = Some b
av: val
ℓa: loc
Ha'': a = InjRV (av, #ℓa)
bv: val
ℓb: loc
Hb'': b = InjRV (bv, #ℓb)
k: nat
w: val
ℓ': loc
Hk: (defs K₁ ++ [aₓ]) !! k = Some (InjRV (w, #ℓ'))
Hkj: k ≠ j
Hki: k ≠ i
H: InjRV (w, #ℓ') ∈ defs K₁ ++ [aₓ]

"Hu" : mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y (InjRV (w, #ℓ')) --------------------------------------∗ mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y (InjRV (w, #ℓ'))
iApply (mapsto_diff_update with "Hu"); [done| | | ]; intros ->; [done | by destruct (NoDup_lookup _ _ _ _ HND Hk Hi) | by destruct (NoDup_lookup _ _ _ _ HND Hk Hj) ].
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a ∈ defs K₁ ++ [aₓ]
Hb': b = InjLV (InjLV #()) ∨ b = InjLV (InjRV #())

"HK₁" : [∗ list] y0 ∈ (defs K₁ ++ [aₓ]), (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y0 ∗ ⌜y0 = InjRV (v, #ℓ)⌝ --------------------------------------∗ both_mapto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y a b ∗ (both_mapto_diff K₁ ((x, (op, a, b)) :: K₂) y a b -∗ backward_inv K₁ ((x, (op, a, b)) :: K₂) y)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a = InjLV (InjLV #()) ∨ a = InjLV (InjRV #())
Hb': b ∈ defs K₁ ++ [aₓ]
"HK₁" : [∗ list] y0 ∈ (defs K₁ ++ [aₓ]), (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y0 ∗ ⌜y0 = InjRV (v, #ℓ)⌝ --------------------------------------∗ both_mapto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y a b ∗ (both_mapto_diff K₁ ((x, (op, a, b)) :: K₂) y a b -∗ backward_inv K₁ ((x, (op, a, b)) :: K₂) y)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a = InjLV (InjLV #()) ∨ a = InjLV (InjRV #())
Hb': b = InjLV (InjLV #()) ∨ b = InjLV (InjRV #())
"HK₁" : [∗ list] y0 ∈ (defs K₁ ++ [aₓ]), (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y0 ∗ ⌜y0 = InjRV (v, #ℓ)⌝ --------------------------------------∗ both_mapto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y a b ∗ (both_mapto_diff K₁ ((x, (op, a, b)) :: K₂) y a b -∗ backward_inv K₁ ((x, (op, a, b)) :: K₂) y)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a ∈ defs K₁ ++ [aₓ]
Hb': b = InjLV (InjLV #()) ∨ b = InjLV (InjRV #())

"HK₁" : [∗ list] y0 ∈ (defs K₁ ++ [aₓ]), (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y0 ∗ ⌜y0 = InjRV (v, #ℓ)⌝ --------------------------------------∗ both_mapto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y a b ∗ (both_mapto_diff K₁ ((x, (op, a, b)) :: K₂) y a b -∗ backward_inv K₁ ((x, (op, a, b)) :: K₂) y)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a ∈ defs K₁ ++ [aₓ]
Hb': b = InjLV (InjLV #()) ∨ b = InjLV (InjRV #())
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some a

"HK₁" : [∗ list] y0 ∈ (defs K₁ ++ [aₓ]), (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y0 ∗ ⌜y0 = InjRV (v, #ℓ)⌝ --------------------------------------∗ both_mapto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y a b ∗ (both_mapto_diff K₁ ((x, (op, a, b)) :: K₂) y a b -∗ backward_inv K₁ ((x, (op, a, b)) :: K₂) y)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a ∈ defs K₁ ++ [aₓ]
Hb': b = InjLV (InjLV #()) ∨ b = InjLV (InjRV #())
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some a

"HK₁" : ( (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y a ∗ ⌜a = InjRV (v, #ℓ)⌝) ∗ ([∗ list] k↦y0 ∈ (defs K₁ ++ [aₓ]), ⌜k ≠ i⌝ → (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y0 ∗ ⌜ y0 = InjRV (v, #ℓ)⌝) --------------------------------------∗ both_mapto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y a b ∗ (both_mapto_diff K₁ ((x, (op, a, b)) :: K₂) y a b -∗ backward_inv K₁ ((x, (op, a, b)) :: K₂) y)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a ∈ defs K₁ ++ [aₓ]
Hb': b = InjLV (InjLV #()) ∨ b = InjLV (InjRV #())
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some a
av: val
ℓa: loc
Ha'': a = InjRV (av, #ℓa)

"HK₁" : ( (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y a ∗ ⌜a = InjRV (v, #ℓ)⌝) ∗ ([∗ list] k↦y0 ∈ (defs K₁ ++ [aₓ]), ⌜k ≠ i⌝ → (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y0 ∗ ⌜ y0 = InjRV (v, #ℓ)⌝) --------------------------------------∗ both_mapto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y a b ∗ (both_mapto_diff K₁ ((x, (op, a, b)) :: K₂) y a b -∗ backward_inv K₁ ((x, (op, a, b)) :: K₂) y)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a ∈ defs K₁ ++ [aₓ]
Hb': b = InjLV (InjLV #()) ∨ b = InjLV (InjRV #())
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some a
av: val
ℓa: loc
Ha'': a = InjRV (av, #ℓa)

"Ha" : (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y a ∗ ⌜a = InjRV (v, #ℓ)⌝ "HK₁" : [∗ list] k↦y0 ∈ (defs K₁ ++ [aₓ]), ⌜k ≠ i⌝ → (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y0 ∗ ⌜ y0 = InjRV (v, #ℓ)⌝ --------------------------------------∗ both_mapto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y a b ∗ (both_mapto_diff K₁ ((x, (op, a, b)) :: K₂) y a b -∗ backward_inv K₁ ((x, (op, a, b)) :: K₂) y)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a ∈ defs K₁ ++ [aₓ]
Hb': b = InjLV (InjLV #()) ∨ b = InjLV (InjRV #())
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some a
av: val
ℓa: loc
Ha'': a = InjRV (av, #ℓa)

"Ha" : (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y a ∗ ⌜a = InjRV (v, #ℓ)⌝ --------------------------------------∗ is_adj_var a ∗ mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y a
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a ∈ defs K₁ ++ [aₓ]
Hb': b = InjLV (InjLV #()) ∨ b = InjLV (InjRV #())
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some a
av: val
ℓa: loc
Ha'': a = InjRV (av, #ℓa)
--------------------------------------∗ ⌜a ≠ b⌝ -∗ is_adj_var b ∗ mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y b
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a ∈ defs K₁ ++ [aₓ]
Hb': b = InjLV (InjLV #()) ∨ b = InjLV (InjRV #())
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some a
av: val
ℓa: loc
Ha'': a = InjRV (av, #ℓa)
"HK₁" : [∗ list] k↦y0 ∈ (defs K₁ ++ [aₓ]), ⌜k ≠ i⌝ → (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y0 ∗ ⌜y0 = InjRV (v, #ℓ)⌝ --------------------------------------∗ both_mapto_diff K₁ ((x, (op, a, b)) :: K₂) y a b -∗ backward_inv K₁ ((x, (op, a, b)) :: K₂) y
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a ∈ defs K₁ ++ [aₓ]
Hb': b = InjLV (InjLV #()) ∨ b = InjLV (InjRV #())
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some a
av: val
ℓa: loc
Ha'': a = InjRV (av, #ℓa)

"Ha" : (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y a ∗ ⌜a = InjRV (v, #ℓ)⌝ --------------------------------------∗ is_adj_var a ∗ mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y a
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
w: val
ℓ': loc
Ha: InjRV (w, #ℓ') ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, InjRV (w, #ℓ'), b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': InjRV (w, #ℓ') ∈ defs K₁ ++ [aₓ]
Hb': b = InjLV (InjLV #()) ∨ b = InjLV (InjRV #())
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some (InjRV (w, #ℓ'))
av: val
ℓa: loc
Ha'': InjRV (w, #ℓ') = InjRV (av, #ℓa)

"Hy" : mapsto_diff (K₁ ++ [(x, (op, InjRV (w, #ℓ'), b))]) K₂ y (InjRV (w, #ℓ')) --------------------------------------∗ is_adj_var (InjRV (w, #ℓ')) ∗ mapsto_diff (K₁ ++ [(x, (op, InjRV (w, #ℓ'), b))]) K₂ y (InjRV (w, #ℓ'))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
w: val
ℓ': loc
Ha: InjRV (w, #ℓ') ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, InjRV (w, #ℓ'), b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': InjRV (w, #ℓ') ∈ defs K₁ ++ [aₓ]
Hb': b = InjLV (InjLV #()) ∨ b = InjLV (InjRV #())
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some (InjRV (w, #ℓ'))
av: val
ℓa: loc
Ha'': InjRV (w, #ℓ') = InjRV (av, #ℓa)

--------------------------------------∗ is_adj_var (InjRV (w, #ℓ'))
iPureIntro; right; naive_solver.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a ∈ defs K₁ ++ [aₓ]
Hb': b = InjLV (InjLV #()) ∨ b = InjLV (InjRV #())
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some a
av: val
ℓa: loc
Ha'': a = InjRV (av, #ℓa)

--------------------------------------∗ ⌜a ≠ b⌝ -∗ is_adj_var b ∗ mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y b
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a ∈ defs K₁ ++ [aₓ]
Hb': b = InjLV (InjLV #()) ∨ b = InjLV (InjRV #())
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some a
av: val
ℓa: loc
Ha'': a = InjRV (av, #ℓa)

--------------------------------------∗ is_adj_var b ∗ mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y b
iSplit;[ by iPureIntro; left; naive_solver | by iIntros (v' ℓ' Heq); inversion Heq; naive_solver].
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a ∈ defs K₁ ++ [aₓ]
Hb': b = InjLV (InjLV #()) ∨ b = InjLV (InjRV #())
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some a
av: val
ℓa: loc
Ha'': a = InjRV (av, #ℓa)

"HK₁" : [∗ list] k↦y0 ∈ (defs K₁ ++ [aₓ]), ⌜k ≠ i⌝ → (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y0 ∗ ⌜ y0 = InjRV (v, #ℓ)⌝ --------------------------------------∗ both_mapto_diff K₁ ((x, (op, a, b)) :: K₂) y a b -∗ backward_inv K₁ ((x, (op, a, b)) :: K₂) y
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a ∈ defs K₁ ++ [aₓ]
Hb': b = InjLV (InjLV #()) ∨ b = InjLV (InjRV #())
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some a
av: val
ℓa: loc
Ha'': a = InjRV (av, #ℓa)

"HK₁" : [∗ list] k↦y0 ∈ (defs K₁ ++ [aₓ]), ⌜k ≠ i⌝ → (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y0 ∗ ⌜ y0 = InjRV (v, #ℓ)⌝ "Ha" : mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y a --------------------------------------∗ backward_inv K₁ ((x, (op, a, b)) :: K₂) y
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a ∈ defs K₁ ++ [aₓ]
Hb': b = InjLV (InjLV #()) ∨ b = InjLV (InjRV #())
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some a
av: val
ℓa: loc
Ha'': a = InjRV (av, #ℓa)

"HK₁" : [∗ list] k↦y0 ∈ (defs K₁ ++ [aₓ]), ⌜k ≠ i⌝ → (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y0 ∗ ⌜ y0 = InjRV (v, #ℓ)⌝ "Ha" : mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y a --------------------------------------∗ [∗ list] u ∈ (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]), (v : val) ( : loc), mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y u ∗ ⌜ u = InjRV (v, #ℓ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a ∈ defs K₁ ++ [aₓ]
Hb': b = InjLV (InjLV #()) ∨ b = InjLV (InjRV #())
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some a
av: val
ℓa: loc
Ha'': a = InjRV (av, #ℓa)

"HK₁" : [∗ list] k↦y0 ∈ (defs K₁ ++ [aₓ]), ⌜k ≠ i⌝ → (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y0 ∗ ⌜ y0 = InjRV (v, #ℓ)⌝ "Ha" : mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y a --------------------------------------∗ ( (H : val) ( : loc), mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y a ∗ ⌜a = InjRV (H, #ℓ)⌝) ∗ ([∗ list] k↦y0 ∈ (defs K₁ ++ [aₓ]), ⌜k ≠ i⌝ → (H : val) ( : loc), mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y y0 ∗ ⌜y0 = InjRV (H, #ℓ)⌝)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a ∈ defs K₁ ++ [aₓ]
Hb': b = InjLV (InjLV #()) ∨ b = InjLV (InjRV #())
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some a
av: val
ℓa: loc
Ha'': a = InjRV (av, #ℓa)

"HK₁" : [∗ list] k↦y0 ∈ (defs K₁ ++ [aₓ]), ⌜k ≠ i⌝ → (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y0 ∗ ⌜ y0 = InjRV (v, #ℓ)⌝ --------------------------------------∗ [∗ list] k↦y0 ∈ (defs K₁ ++ [aₓ]), ⌜k ≠ i⌝ → (H : val) ( : loc), mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y y0 ∗ ⌜y0 = InjRV (H, #ℓ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a ∈ defs K₁ ++ [aₓ]
Hb': b = InjLV (InjLV #()) ∨ b = InjLV (InjRV #())
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some a
av: val
ℓa: loc
Ha'': a = InjRV (av, #ℓa)

(k : nat) (y0 : val), (defs K₁ ++ [aₓ]) !! k = Some y0 → (λ (k0 : nat) (y1 : val), ⌜k0 ≠ i⌝ → (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y1 ∗ ⌜y1 = InjRV (v, #ℓ)⌝) k y0 -∗ (λ (k0 : nat) (y1 : val), ⌜k0 ≠ i⌝ → (H : val) ( : loc), mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y y1 ∗ ⌜y1 = InjRV (H, #ℓ)⌝) k y0
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a ∈ defs K₁ ++ [aₓ]
Hb': b = InjLV (InjLV #()) ∨ b = InjLV (InjRV #())
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some a
av: val
ℓa: loc
Ha'': a = InjRV (av, #ℓa)
k: nat
u: val
Hk: (defs K₁ ++ [aₓ]) !! k = Some u

"Hu" : ⌜k ≠ i⌝ → (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y u ∗ ⌜u = InjRV (v, #ℓ)⌝ --------------------------------------∗ ⌜k ≠ i⌝ → (H : val) ( : loc), mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y u ∗ ⌜u = InjRV (H, #ℓ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a ∈ defs K₁ ++ [aₓ]
Hb': b = InjLV (InjLV #()) ∨ b = InjLV (InjRV #())
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some a
av: val
ℓa: loc
Ha'': a = InjRV (av, #ℓa)
k: nat
u: val
Hk: (defs K₁ ++ [aₓ]) !! k = Some u
Hki: k ≠ i

"Hu" : ⌜k ≠ i⌝ → (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y u ∗ ⌜u = InjRV (v, #ℓ)⌝ --------------------------------------∗ (H : val) ( : loc), mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y u ∗ ⌜u = InjRV (H, #ℓ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a ∈ defs K₁ ++ [aₓ]
Hb': b = InjLV (InjLV #()) ∨ b = InjLV (InjRV #())
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some a
av: val
ℓa: loc
Ha'': a = InjRV (av, #ℓa)
k: nat
u: val
Hk: (defs K₁ ++ [aₓ]) !! k = Some u
Hki: k ≠ i
H: u ∈ defs K₁ ++ [aₓ]

"Hu" : ⌜k ≠ i⌝ → (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y u ∗ ⌜u = InjRV (v, #ℓ)⌝ --------------------------------------∗ (H : val) ( : loc), mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y u ∗ ⌜u = InjRV (H, #ℓ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a ∈ defs K₁ ++ [aₓ]
Hb': b = InjLV (InjLV #()) ∨ b = InjLV (InjRV #())
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some a
av: val
ℓa: loc
Ha'': a = InjRV (av, #ℓa)
k: nat
w: val
ℓ': loc
Hk: (defs K₁ ++ [aₓ]) !! k = Some (InjRV (w, #ℓ'))
Hki: k ≠ i
H: InjRV (w, #ℓ') ∈ defs K₁ ++ [aₓ]

"Hu" : mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y (InjRV (w, #ℓ')) --------------------------------------∗ (H : val) ( : loc), mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y (InjRV (w, #ℓ')) ∗ ⌜InjRV (w, #ℓ') = InjRV (H, #ℓ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a ∈ defs K₁ ++ [aₓ]
Hb': b = InjLV (InjLV #()) ∨ b = InjLV (InjRV #())
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some a
av: val
ℓa: loc
Ha'': a = InjRV (av, #ℓa)
k: nat
w: val
ℓ': loc
Hk: (defs K₁ ++ [aₓ]) !! k = Some (InjRV (w, #ℓ'))
Hki: k ≠ i
H: InjRV (w, #ℓ') ∈ defs K₁ ++ [aₓ]

"Hu" : mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y (InjRV (w, #ℓ')) --------------------------------------∗ mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y (InjRV (w, #ℓ')) ∗ ⌜InjRV (w, #ℓ') = InjRV (w, #ℓ')⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a ∈ defs K₁ ++ [aₓ]
Hb': b = InjLV (InjLV #()) ∨ b = InjLV (InjRV #())
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some a
av: val
ℓa: loc
Ha'': a = InjRV (av, #ℓa)
k: nat
w: val
ℓ': loc
Hk: (defs K₁ ++ [aₓ]) !! k = Some (InjRV (w, #ℓ'))
Hki: k ≠ i
H: InjRV (w, #ℓ') ∈ defs K₁ ++ [aₓ]

"Hu" : mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y (InjRV (w, #ℓ')) --------------------------------------∗ mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y (InjRV (w, #ℓ'))
iApply (mapsto_diff_update with "Hu"); [done| | | ]; intros ->; [done | by destruct (NoDup_lookup _ _ _ _ HND Hk Hi) | naive_solver ].
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a = InjLV (InjLV #()) ∨ a = InjLV (InjRV #())
Hb': b ∈ defs K₁ ++ [aₓ]

"HK₁" : [∗ list] y0 ∈ (defs K₁ ++ [aₓ]), (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y0 ∗ ⌜y0 = InjRV (v, #ℓ)⌝ --------------------------------------∗ both_mapto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y a b ∗ (both_mapto_diff K₁ ((x, (op, a, b)) :: K₂) y a b -∗ backward_inv K₁ ((x, (op, a, b)) :: K₂) y)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a = InjLV (InjLV #()) ∨ a = InjLV (InjRV #())
Hb': b = InjLV (InjLV #()) ∨ b = InjLV (InjRV #())
"HK₁" : [∗ list] y0 ∈ (defs K₁ ++ [aₓ]), (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y0 ∗ ⌜y0 = InjRV (v, #ℓ)⌝ --------------------------------------∗ both_mapto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y a b ∗ (both_mapto_diff K₁ ((x, (op, a, b)) :: K₂) y a b -∗ backward_inv K₁ ((x, (op, a, b)) :: K₂) y)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a = InjLV (InjLV #()) ∨ a = InjLV (InjRV #())
Hb': b ∈ defs K₁ ++ [aₓ]

"HK₁" : [∗ list] y0 ∈ (defs K₁ ++ [aₓ]), (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y0 ∗ ⌜y0 = InjRV (v, #ℓ)⌝ --------------------------------------∗ both_mapto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y a b ∗ (both_mapto_diff K₁ ((x, (op, a, b)) :: K₂) y a b -∗ backward_inv K₁ ((x, (op, a, b)) :: K₂) y)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a = InjLV (InjLV #()) ∨ a = InjLV (InjRV #())
Hb': b ∈ defs K₁ ++ [aₓ]
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some b

"HK₁" : [∗ list] y0 ∈ (defs K₁ ++ [aₓ]), (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y0 ∗ ⌜y0 = InjRV (v, #ℓ)⌝ --------------------------------------∗ both_mapto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y a b ∗ (both_mapto_diff K₁ ((x, (op, a, b)) :: K₂) y a b -∗ backward_inv K₁ ((x, (op, a, b)) :: K₂) y)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a = InjLV (InjLV #()) ∨ a = InjLV (InjRV #())
Hb': b ∈ defs K₁ ++ [aₓ]
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some b

"HK₁" : ( (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y b ∗ ⌜b = InjRV (v, #ℓ)⌝) ∗ ([∗ list] k↦y0 ∈ (defs K₁ ++ [aₓ]), ⌜k ≠ i⌝ → (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y0 ∗ ⌜ y0 = InjRV (v, #ℓ)⌝) --------------------------------------∗ both_mapto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y a b ∗ (both_mapto_diff K₁ ((x, (op, a, b)) :: K₂) y a b -∗ backward_inv K₁ ((x, (op, a, b)) :: K₂) y)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a = InjLV (InjLV #()) ∨ a = InjLV (InjRV #())
Hb': b ∈ defs K₁ ++ [aₓ]
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some b
bv: val
ℓb: loc
Hb'': b = InjRV (bv, #ℓb)

"HK₁" : ( (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y b ∗ ⌜b = InjRV (v, #ℓ)⌝) ∗ ([∗ list] k↦y0 ∈ (defs K₁ ++ [aₓ]), ⌜k ≠ i⌝ → (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y0 ∗ ⌜ y0 = InjRV (v, #ℓ)⌝) --------------------------------------∗ both_mapto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y a b ∗ (both_mapto_diff K₁ ((x, (op, a, b)) :: K₂) y a b -∗ backward_inv K₁ ((x, (op, a, b)) :: K₂) y)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a = InjLV (InjLV #()) ∨ a = InjLV (InjRV #())
Hb': b ∈ defs K₁ ++ [aₓ]
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some b
bv: val
ℓb: loc
Hb'': b = InjRV (bv, #ℓb)

"Hb" : (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y b ∗ ⌜b = InjRV (v, #ℓ)⌝ "HK₁" : [∗ list] k↦y0 ∈ (defs K₁ ++ [aₓ]), ⌜k ≠ i⌝ → (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y0 ∗ ⌜ y0 = InjRV (v, #ℓ)⌝ --------------------------------------∗ both_mapto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y a b ∗ (both_mapto_diff K₁ ((x, (op, a, b)) :: K₂) y a b -∗ backward_inv K₁ ((x, (op, a, b)) :: K₂) y)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a = InjLV (InjLV #()) ∨ a = InjLV (InjRV #())
Hb': b ∈ defs K₁ ++ [aₓ]
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some b
bv: val
ℓb: loc
Hb'': b = InjRV (bv, #ℓb)

--------------------------------------∗ is_adj_var a ∗ mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y a
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a = InjLV (InjLV #()) ∨ a = InjLV (InjRV #())
Hb': b ∈ defs K₁ ++ [aₓ]
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some b
bv: val
ℓb: loc
Hb'': b = InjRV (bv, #ℓb)
"Hb" : (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y b ∗ ⌜b = InjRV (v, #ℓ)⌝ --------------------------------------∗ ⌜a ≠ b⌝ -∗ is_adj_var b ∗ mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y b
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a = InjLV (InjLV #()) ∨ a = InjLV (InjRV #())
Hb': b ∈ defs K₁ ++ [aₓ]
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some b
bv: val
ℓb: loc
Hb'': b = InjRV (bv, #ℓb)
"HK₁" : [∗ list] k↦y0 ∈ (defs K₁ ++ [aₓ]), ⌜k ≠ i⌝ → (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y0 ∗ ⌜y0 = InjRV (v, #ℓ)⌝ --------------------------------------∗ both_mapto_diff K₁ ((x, (op, a, b)) :: K₂) y a b -∗ backward_inv K₁ ((x, (op, a, b)) :: K₂) y
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a = InjLV (InjLV #()) ∨ a = InjLV (InjRV #())
Hb': b ∈ defs K₁ ++ [aₓ]
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some b
bv: val
ℓb: loc
Hb'': b = InjRV (bv, #ℓb)

--------------------------------------∗ is_adj_var a ∗ mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y a
iSplit;[ by iPureIntro; left; naive_solver | by iIntros (v' ℓ' Heq); inversion Heq; naive_solver].
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a = InjLV (InjLV #()) ∨ a = InjLV (InjRV #())
Hb': b ∈ defs K₁ ++ [aₓ]
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some b
bv: val
ℓb: loc
Hb'': b = InjRV (bv, #ℓb)

"Hb" : (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y b ∗ ⌜b = InjRV (v, #ℓ)⌝ --------------------------------------∗ ⌜a ≠ b⌝ -∗ is_adj_var b ∗ mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y b
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
w: val
ℓ': loc
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, InjRV (w, #ℓ')))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
Hb: InjRV (w, #ℓ') ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
v: val
: loc
Ha': a = InjLV (InjLV #()) ∨ a = InjLV (InjRV #())
Hb': InjRV (w, #ℓ') ∈ defs K₁ ++ [aₓ]
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some (InjRV (w, #ℓ'))
bv: val
ℓb: loc
Hb'': InjRV (w, #ℓ') = InjRV (bv, #ℓb)

"Hy" : mapsto_diff (K₁ ++ [(x, (op, a, InjRV (w, #ℓ')))]) K₂ y (InjRV (w, #ℓ')) --------------------------------------∗ ⌜a ≠ InjRV (w, #ℓ')⌝ -∗ is_adj_var (InjRV (w, #ℓ')) ∗ mapsto_diff (K₁ ++ [(x, (op, a, InjRV (w, #ℓ')))]) K₂ y (InjRV (w, #ℓ'))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
w: val
ℓ': loc
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, InjRV (w, #ℓ')))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
Hb: InjRV (w, #ℓ') ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
v: val
: loc
Ha': a = InjLV (InjLV #()) ∨ a = InjLV (InjRV #())
Hb': InjRV (w, #ℓ') ∈ defs K₁ ++ [aₓ]
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some (InjRV (w, #ℓ'))
bv: val
ℓb: loc
Hb'': InjRV (w, #ℓ') = InjRV (bv, #ℓb)

--------------------------------------∗ ⌜a ≠ InjRV (w, #ℓ')⌝ -∗ is_adj_var (InjRV (w, #ℓ'))
iPureIntro; right; naive_solver.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a = InjLV (InjLV #()) ∨ a = InjLV (InjRV #())
Hb': b ∈ defs K₁ ++ [aₓ]
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some b
bv: val
ℓb: loc
Hb'': b = InjRV (bv, #ℓb)

"HK₁" : [∗ list] k↦y0 ∈ (defs K₁ ++ [aₓ]), ⌜k ≠ i⌝ → (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y0 ∗ ⌜ y0 = InjRV (v, #ℓ)⌝ --------------------------------------∗ both_mapto_diff K₁ ((x, (op, a, b)) :: K₂) y a b -∗ backward_inv K₁ ((x, (op, a, b)) :: K₂) y
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a = InjLV (InjLV #()) ∨ a = InjLV (InjRV #())
Hb': b ∈ defs K₁ ++ [aₓ]
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some b
bv: val
ℓb: loc
Hb'': b = InjRV (bv, #ℓb)

"HK₁" : [∗ list] k↦y0 ∈ (defs K₁ ++ [aₓ]), ⌜k ≠ i⌝ → (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y0 ∗ ⌜ y0 = InjRV (v, #ℓ)⌝ "Hb" : ⌜a ≠ b⌝ -∗ is_adj_var b ∗ mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y b --------------------------------------∗ backward_inv K₁ ((x, (op, a, b)) :: K₂) y
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a = InjLV (InjLV #()) ∨ a = InjLV (InjRV #())
Hb': b ∈ defs K₁ ++ [aₓ]
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some b
bv: val
ℓb: loc
Hb'': b = InjRV (bv, #ℓb)

"HK₁" : [∗ list] k↦y0 ∈ (defs K₁ ++ [aₓ]), ⌜k ≠ i⌝ → (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y0 ∗ ⌜ y0 = InjRV (v, #ℓ)⌝ "Hb" : ⌜a ≠ b⌝ -∗ is_adj_var b ∗ mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y b --------------------------------------∗ [∗ list] u ∈ (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]), (v : val) ( : loc), mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y u ∗ ⌜ u = InjRV (v, #ℓ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a = InjLV (InjLV #()) ∨ a = InjLV (InjRV #())
Hb': b ∈ defs K₁ ++ [aₓ]
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some b
bv: val
ℓb: loc
Hb'': b = InjRV (bv, #ℓb)

"HK₁" : [∗ list] k↦y0 ∈ (defs K₁ ++ [aₓ]), ⌜k ≠ i⌝ → (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y0 ∗ ⌜ y0 = InjRV (v, #ℓ)⌝ "Hb" : ⌜a ≠ b⌝ -∗ is_adj_var b ∗ mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y b --------------------------------------∗ ( (H : val) ( : loc), mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y b ∗ ⌜b = InjRV (H, #ℓ)⌝) ∗ ([∗ list] k↦y0 ∈ (defs K₁ ++ [aₓ]), ⌜k ≠ i⌝ → (H : val) ( : loc), mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y y0 ∗ ⌜y0 = InjRV (H, #ℓ)⌝)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a = InjLV (InjLV #()) ∨ a = InjLV (InjRV #())
Hb': b ∈ defs K₁ ++ [aₓ]
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some b
bv: val
ℓb: loc
Hb'': b = InjRV (bv, #ℓb)

"HK₁" : [∗ list] k↦y0 ∈ (defs K₁ ++ [aₓ]), ⌜k ≠ i⌝ → (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y0 ∗ ⌜ y0 = InjRV (v, #ℓ)⌝ "Hb" : mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y b --------------------------------------∗ ( (H : val) ( : loc), mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y b ∗ ⌜b = InjRV (H, #ℓ)⌝) ∗ ([∗ list] k↦y0 ∈ (defs K₁ ++ [aₓ]), ⌜k ≠ i⌝ → (H : val) ( : loc), mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y y0 ∗ ⌜y0 = InjRV (H, #ℓ)⌝)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a = InjLV (InjLV #()) ∨ a = InjLV (InjRV #())
Hb': b ∈ defs K₁ ++ [aₓ]
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some b
bv: val
ℓb: loc
Hb'': b = InjRV (bv, #ℓb)

"HK₁" : [∗ list] k↦y0 ∈ (defs K₁ ++ [aₓ]), ⌜k ≠ i⌝ → (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y0 ∗ ⌜ y0 = InjRV (v, #ℓ)⌝ --------------------------------------∗ [∗ list] k↦y0 ∈ (defs K₁ ++ [aₓ]), ⌜k ≠ i⌝ → (H : val) ( : loc), mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y y0 ∗ ⌜y0 = InjRV (H, #ℓ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a = InjLV (InjLV #()) ∨ a = InjLV (InjRV #())
Hb': b ∈ defs K₁ ++ [aₓ]
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some b
bv: val
ℓb: loc
Hb'': b = InjRV (bv, #ℓb)

(k : nat) (y0 : val), (defs K₁ ++ [aₓ]) !! k = Some y0 → (λ (k0 : nat) (y1 : val), ⌜k0 ≠ i⌝ → (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y1 ∗ ⌜y1 = InjRV (v, #ℓ)⌝) k y0 -∗ (λ (k0 : nat) (y1 : val), ⌜k0 ≠ i⌝ → (H : val) ( : loc), mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y y1 ∗ ⌜y1 = InjRV (H, #ℓ)⌝) k y0
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a = InjLV (InjLV #()) ∨ a = InjLV (InjRV #())
Hb': b ∈ defs K₁ ++ [aₓ]
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some b
bv: val
ℓb: loc
Hb'': b = InjRV (bv, #ℓb)
k: nat
u: val
Hk: (defs K₁ ++ [aₓ]) !! k = Some u

"Hu" : ⌜k ≠ i⌝ → (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y u ∗ ⌜u = InjRV (v, #ℓ)⌝ --------------------------------------∗ ⌜k ≠ i⌝ → (H : val) ( : loc), mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y u ∗ ⌜u = InjRV (H, #ℓ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a = InjLV (InjLV #()) ∨ a = InjLV (InjRV #())
Hb': b ∈ defs K₁ ++ [aₓ]
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some b
bv: val
ℓb: loc
Hb'': b = InjRV (bv, #ℓb)
k: nat
u: val
Hk: (defs K₁ ++ [aₓ]) !! k = Some u
Hki: k ≠ i

"Hu" : ⌜k ≠ i⌝ → (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y u ∗ ⌜u = InjRV (v, #ℓ)⌝ --------------------------------------∗ (H : val) ( : loc), mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y u ∗ ⌜u = InjRV (H, #ℓ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a = InjLV (InjLV #()) ∨ a = InjLV (InjRV #())
Hb': b ∈ defs K₁ ++ [aₓ]
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some b
bv: val
ℓb: loc
Hb'': b = InjRV (bv, #ℓb)
k: nat
u: val
Hk: (defs K₁ ++ [aₓ]) !! k = Some u
Hki: k ≠ i
H: u ∈ defs K₁ ++ [aₓ]

"Hu" : ⌜k ≠ i⌝ → (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y u ∗ ⌜u = InjRV (v, #ℓ)⌝ --------------------------------------∗ (H : val) ( : loc), mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y u ∗ ⌜u = InjRV (H, #ℓ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a = InjLV (InjLV #()) ∨ a = InjLV (InjRV #())
Hb': b ∈ defs K₁ ++ [aₓ]
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some b
bv: val
ℓb: loc
Hb'': b = InjRV (bv, #ℓb)
k: nat
w: val
ℓ': loc
Hk: (defs K₁ ++ [aₓ]) !! k = Some (InjRV (w, #ℓ'))
Hki: k ≠ i
H: InjRV (w, #ℓ') ∈ defs K₁ ++ [aₓ]

"Hu" : mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y (InjRV (w, #ℓ')) --------------------------------------∗ (H : val) ( : loc), mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y (InjRV (w, #ℓ')) ∗ ⌜InjRV (w, #ℓ') = InjRV (H, #ℓ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a = InjLV (InjLV #()) ∨ a = InjLV (InjRV #())
Hb': b ∈ defs K₁ ++ [aₓ]
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some b
bv: val
ℓb: loc
Hb'': b = InjRV (bv, #ℓb)
k: nat
w: val
ℓ': loc
Hk: (defs K₁ ++ [aₓ]) !! k = Some (InjRV (w, #ℓ'))
Hki: k ≠ i
H: InjRV (w, #ℓ') ∈ defs K₁ ++ [aₓ]

"Hu" : mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y (InjRV (w, #ℓ')) --------------------------------------∗ mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y (InjRV (w, #ℓ')) ∗ ⌜InjRV (w, #ℓ') = InjRV (w, #ℓ')⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a = InjLV (InjLV #()) ∨ a = InjLV (InjRV #())
Hb': b ∈ defs K₁ ++ [aₓ]
i: nat
Hi: (defs K₁ ++ [aₓ]) !! i = Some b
bv: val
ℓb: loc
Hb'': b = InjRV (bv, #ℓb)
k: nat
w: val
ℓ': loc
Hk: (defs K₁ ++ [aₓ]) !! k = Some (InjRV (w, #ℓ'))
Hki: k ≠ i
H: InjRV (w, #ℓ') ∈ defs K₁ ++ [aₓ]

"Hu" : mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y (InjRV (w, #ℓ')) --------------------------------------∗ mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y (InjRV (w, #ℓ'))
iApply (mapsto_diff_update with "Hu"); [done| | | ]; intros ->; [done | naive_solver | by destruct (NoDup_lookup _ _ _ _ HND Hk Hi) ].
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a = InjLV (InjLV #()) ∨ a = InjLV (InjRV #())
Hb': b = InjLV (InjLV #()) ∨ b = InjLV (InjRV #())

"HK₁" : [∗ list] y0 ∈ (defs K₁ ++ [aₓ]), (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y0 ∗ ⌜y0 = InjRV (v, #ℓ)⌝ --------------------------------------∗ both_mapto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y a b ∗ (both_mapto_diff K₁ ((x, (op, a, b)) :: K₂) y a b -∗ backward_inv K₁ ((x, (op, a, b)) :: K₂) y)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a = InjLV (InjLV #()) ∨ a = InjLV (InjRV #())
Hb': b = InjLV (InjLV #()) ∨ b = InjLV (InjRV #())

"HK₁" : [∗ list] y0 ∈ (defs K₁ ++ [aₓ]), (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y0 ∗ ⌜y0 = InjRV (v, #ℓ)⌝ --------------------------------------∗ both_mapto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y a b ∗ (both_mapto_diff K₁ ((x, (op, a, b)) :: K₂) y a b -∗ backward_inv K₁ ((x, (op, a, b)) :: K₂) y)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a = InjLV (InjLV #()) ∨ a = InjLV (InjRV #())
Hb': b = InjLV (InjLV #()) ∨ b = InjLV (InjRV #())

--------------------------------------∗ both_mapto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y a b
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a = InjLV (InjLV #()) ∨ a = InjLV (InjRV #())
Hb': b = InjLV (InjLV #()) ∨ b = InjLV (InjRV #())
"HK₁" : [∗ list] y0 ∈ (defs K₁ ++ [aₓ]), (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y0 ∗ ⌜y0 = InjRV (v, #ℓ)⌝ --------------------------------------∗ both_mapto_diff K₁ ((x, (op, a, b)) :: K₂) y a b -∗ backward_inv K₁ ((x, (op, a, b)) :: K₂) y
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a = InjLV (InjLV #()) ∨ a = InjLV (InjRV #())
Hb': b = InjLV (InjLV #()) ∨ b = InjLV (InjRV #())

--------------------------------------∗ both_mapto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y a b
iSplitL; [|iIntros "_"]; iSplit; try ( by iIntros (v' ℓ' Heq); inversion Heq; naive_solver); iPureIntro; left; naive_solver.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a = InjLV (InjLV #()) ∨ a = InjLV (InjRV #())
Hb': b = InjLV (InjLV #()) ∨ b = InjLV (InjRV #())

"HK₁" : [∗ list] y0 ∈ (defs K₁ ++ [aₓ]), (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y0 ∗ ⌜y0 = InjRV (v, #ℓ)⌝ --------------------------------------∗ both_mapto_diff K₁ ((x, (op, a, b)) :: K₂) y a b -∗ backward_inv K₁ ((x, (op, a, b)) :: K₂) y
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a = InjLV (InjLV #()) ∨ a = InjLV (InjRV #())
Hb': b = InjLV (InjLV #()) ∨ b = InjLV (InjRV #())

"HK₁" : [∗ list] y0 ∈ (defs K₁ ++ [aₓ]), (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y0 ∗ ⌜y0 = InjRV (v, #ℓ)⌝ --------------------------------------∗ backward_inv K₁ ((x, (op, a, b)) :: K₂) y
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a = InjLV (InjLV #()) ∨ a = InjLV (InjRV #())
Hb': b = InjLV (InjLV #()) ∨ b = InjLV (InjRV #())

"HK₁" : [∗ list] y0 ∈ (defs K₁ ++ [aₓ]), (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y0 ∗ ⌜y0 = InjRV (v, #ℓ)⌝ --------------------------------------∗ [∗ list] u ∈ (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]), (v : val) ( : loc), mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y u ∗ ⌜ u = InjRV (v, #ℓ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a = InjLV (InjLV #()) ∨ a = InjLV (InjRV #())
Hb': b = InjLV (InjLV #()) ∨ b = InjLV (InjRV #())

(k : nat) (y0 : val), (defs K₁ ++ [aₓ]) !! k = Some y0 → (λ (_ : nat) (y1 : val), (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y1 ∗ ⌜y1 = InjRV (v, #ℓ)⌝) k y0 -∗ (λ (_ : nat) (y1 : val), (v : val) ( : loc), mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y y1 ∗ ⌜y1 = InjRV (v, #ℓ)⌝) k y0
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a = InjLV (InjLV #()) ∨ a = InjLV (InjRV #())
Hb': b = InjLV (InjLV #()) ∨ b = InjLV (InjRV #())
k: nat
y': val
Hk: (defs K₁ ++ [aₓ]) !! k = Some y'

(λ (_ : nat) (y0 : val), (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y0 ∗ ⌜y0 = InjRV (v, #ℓ)⌝) k y' -∗ (λ (_ : nat) (y0 : val), (v : val) ( : loc), mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y y0 ∗ ⌜y0 = InjRV (v, #ℓ)⌝) k y'
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a = InjLV (InjLV #()) ∨ a = InjLV (InjRV #())
Hb': b = InjLV (InjLV #()) ∨ b = InjLV (InjRV #())
k: nat
y': val
Hk: (defs K₁ ++ [aₓ]) !! k = Some y'

( (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y' ∗ ⌜y' = InjRV (v, #ℓ)⌝) -∗ (v : val) ( : loc), mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y y' ∗ ⌜y' = InjRV (v, #ℓ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a = InjLV (InjLV #()) ∨ a = InjLV (InjRV #())
Hb': b = InjLV (InjLV #()) ∨ b = InjLV (InjRV #())
k: nat
y': val
Hk: (defs K₁ ++ [aₓ]) !! k = Some y'
H: y' ∈ defs K₁ ++ [aₓ]

( (v : val) ( : loc), mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y y' ∗ ⌜y' = InjRV (v, #ℓ)⌝) -∗ (v : val) ( : loc), mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y y' ∗ ⌜y' = InjRV (v, #ℓ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a = InjLV (InjLV #()) ∨ a = InjLV (InjRV #())
Hb': b = InjLV (InjLV #()) ∨ b = InjLV (InjRV #())
k: nat
w: val
ℓ': loc
H: InjRV (w, #ℓ') ∈ defs K₁ ++ [aₓ]
Hk: (defs K₁ ++ [aₓ]) !! k = Some (InjRV (w, #ℓ'))

"Hy" : mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y (InjRV (w, #ℓ')) --------------------------------------∗ (v : val) ( : loc), mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y (InjRV (w, #ℓ')) ∗ ⌜InjRV (w, #ℓ') = InjRV (v, #ℓ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a = InjLV (InjLV #()) ∨ a = InjLV (InjRV #())
Hb': b = InjLV (InjLV #()) ∨ b = InjLV (InjRV #())
k: nat
w: val
ℓ': loc
H: InjRV (w, #ℓ') ∈ defs K₁ ++ [aₓ]
Hk: (defs K₁ ++ [aₓ]) !! k = Some (InjRV (w, #ℓ'))

"Hy" : mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y (InjRV (w, #ℓ')) --------------------------------------∗ mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y (InjRV (w, #ℓ')) ∗ ⌜InjRV (w, #ℓ') = InjRV (w, #ℓ')⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x: val
op: Binop
a, b: val
aₓ:= InjRV (nᵣ, #ℓₓ): val
ϱ:= ((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}: val → R
Hdefs: a : val, a ∈ defs K₁ ++ [aₓ] → (v : val) ( : loc), a = InjRV (v, #ℓ)
HND: NoDup (defs K₁ ++ [aₓ])
Hx: x ∉ defs K₁ ++ [aₓ]
Ha: a ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hb: b ∈ defs K₁ ++ [InjLV (InjLV #()); InjLV (InjRV #()); aₓ]
Hdiff: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let (K₁ ++ [(x, (op, a, b))]) ++ K₂ .in y ./ ∂ aₓ .at ϱ)
v: val
: loc
Ha': a = InjLV (InjLV #()) ∨ a = InjLV (InjRV #())
Hb': b = InjLV (InjLV #()) ∨ b = InjLV (InjRV #())
k: nat
w: val
ℓ': loc
H: InjRV (w, #ℓ') ∈ defs K₁ ++ [aₓ]
Hk: (defs K₁ ++ [aₓ]) !! k = Some (InjRV (w, #ℓ'))

"Hy" : mapsto_diff (K₁ ++ [(x, (op, a, b))]) K₂ y (InjRV (w, #ℓ')) --------------------------------------∗ mapsto_diff K₁ ((x, (op, a, b)) :: K₂) y (InjRV (w, #ℓ'))
iApply (mapsto_diff_update with "Hy"); [done|by intros ->| |]; intros ->; naive_solver. } Qed. End backward_invariant. Section library_implementation_of_expressions. Context `{!cgraphG Σ, !heapG Σ} {R : Set} {RS : RingSig R} {N : Num} {Ψ : iEff Σ} {NSpec : NumSpec N Ψ RS}. Variables (γ : gname) (ℓₓ : loc) (r : R) (nᵣ : val). Notation a₀ := (InjLV (InjLV #()))%V. Notation a₁ := (InjLV (InjRV #()))%V. Notation aₓ := (InjRV (nᵣ, #ℓₓ))%V. Notation adj_vars := ([a₀; a₁; aₓ]) (only parsing). Notation represents := (represents γ ℓₓ nᵣ) (only parsing). (* If we give the predicate [represents] directly in the definition of [ExprNumSpec], then some unsolved goals remain. With this silly definition they don't. *) Definition implements_expr : val → Expr () → iProp Σ := represents. Definition to_val : Binop → val := λ op, match op with Add => InjLV #() | Mul => InjRV #() end. Definition args : Binop → val → val → val := λ op a b, ((to_val op), (a, b)%V)%V. Definition AD : iEff Σ := (>> (op : Binop) (a b : val) (el er : Expr ()) >> ! (args op a b) {{ represents a el ∗ represents b er }}; << (x : val) << ? (x) {{ represents x (Node _ op el er) }}).
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ, v: val
Φ: val -d> iPropO Σ

protocol_agreement v AD Φ ⊣⊢ ( (op : Binop) (a b : val) (el er : Expr ()), ⌜v = args op a b⌝ ∗ (verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) ∗ ( x : val, verification.represents γ ℓₓ nᵣ x (Node () op el er) -∗ Φ x))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ, v: val
Φ: val -d> iPropO Σ

protocol_agreement v AD Φ ⊣⊢ ( (op : Binop) (a b : val) (el er : Expr ()), ⌜v = args op a b⌝ ∗ (verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) ∗ ( x : val, verification.represents γ ℓₓ nᵣ x (Node () op el er) -∗ Φ x))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ, v: val
Φ: val -d> iPropO Σ

(.. x : [tele (_ : Binop) (_ _ : val) (_ _ : Expr ())], ⌜v = tele_app (λ (x0 : Binop) (x1 x2 : val) (_ _ : Expr ()), (to_val x0, (x1, x2))%V) x⌝ ∗ tele_app (λ (_ : Binop) (x1 x2 : val) (x3 x4 : Expr ()), unseal uPred_sep_aux (iResUR Σ) (verification.represents γ ℓₓ nᵣ x1 x3) (verification.represents γ ℓₓ nᵣ x2 x4)) x ∗ (.. y : [tele _ : val], tele_app (tele_app (λ (x0 : Binop) (_ _ : val) (x3 x4 : Expr ()) (x5 : val), unseal uPred_exist_aux (iResUR Σ) val (λ a : val, b : val, is_entry γ x5 (x0, a, b) ∗ (fix represents (u : val) (e : Expr ()) {struct e} : iProp Σ := match e with | Oₑ => ⌜u = a₀⌝ | Iₑ => ⌜u = a₁⌝ | Leaf _ _ => ⌜u = InjRV (nᵣ, #ℓₓ)⌝ | Node _ op el er => a0 b0 : val, is_entry γ u (op, a0, b0) ∗ represents a0 el ∗ represents b0 er end) a x3 ∗ (fix represents (u : val) (e : Expr ()) {struct e} : iProp Σ := match e with | Oₑ => ⌜u = a₀⌝ | Iₑ => ⌜u = a₁⌝ | Leaf _ _ => ⌜u = InjRV (nᵣ, #ℓₓ)⌝ | Node _ op el er => a0 b0 : val, is_entry γ u (op, a0, b0) ∗ represents a0 el ∗ represents b0 er end) b x4)) x) y -∗ Φ (tele_app (tele_app (λ (_ : Binop) (_ _ : val) (_ _ : Expr ()) (x5 : val), x5) x) y))) ⊣⊢ ( (op : Binop) (a b : val) (el er : Expr ()), ⌜v = args op a b⌝ ∗ (verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) ∗ ( x : val, verification.represents γ ℓₓ nᵣ x (Node () op el er) -∗ Φ x))
by auto. Qed. Definition perform (op : Binop) : val := λ: "a" "b", do: (to_val op, ("a", "b")).
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
E: coPset
op: Binop
a, b: val
el, er: Expr ()

implements_expr a el -∗ implements_expr b er -∗ EWP perform op a b @ E <| AD |> {{ x, implements_expr x (Node () op el er) }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
E: coPset
op: Binop
a, b: val
el, er: Expr ()

implements_expr a el -∗ implements_expr b er -∗ EWP perform op a b @ E <| AD |> {{ x, implements_expr x (Node () op el er) }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
E: coPset
op: Binop
a, b: val
el, er: Expr ()

"Ha" : implements_expr a el "Hb" : implements_expr b er --------------------------------------∗ EWP perform op a b @ E <| AD |> {{ x, implements_expr x (Node () op el er) }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
E: coPset
op: Binop
a, b: val
el, er: Expr ()

"Ha" : implements_expr a el "Hb" : implements_expr b er --------------------------------------∗ EWP (λ: "a" "b", do:(to_val op, ("a", "b")))%V a b @ E <| AD |> {{ x, implements_expr x (Node () op el er) }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
E: coPset
op: Binop
a, b: val
el, er: Expr ()

"Ha" : implements_expr a el "Hb" : implements_expr b er --------------------------------------∗ EWP Eff (to_val op, (a, b)) EmptyCtx @ E <| AD |> {{ x, a b : val, is_entry γ x (op, a, b) ∗ implements_expr a el ∗ implements_expr b er }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
E: coPset
op: Binop
a, b: val
el, er: Expr ()

"Ha" : implements_expr a el "Hb" : implements_expr b er --------------------------------------∗ protocol_agreement (to_val op, (a, b)) AD (λ w : val, ▷ EWP fill EmptyCtx w @ E <| AD |> {{ x, a b : val, is_entry γ x (op, a, b) ∗ implements_expr a el ∗ implements_expr b er }})
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
E: coPset
op: Binop
a, b: val
el, er: Expr ()

"Ha" : implements_expr a el "Hb" : implements_expr b er --------------------------------------∗ (op0 : Binop) (a0 b0 : val) (el0 er0 : Expr ()), ⌜(to_val op, (a, b))%V = args op0 a0 b0⌝ ∗ (verification.represents γ ℓₓ nᵣ a0 el0 ∗ verification.represents γ ℓₓ nᵣ b0 er0) ∗ ( x : val, verification.represents γ ℓₓ nᵣ x (Node () op0 el0 er0) -∗ ▷ EWP fill EmptyCtx x @ E <| AD |> {{ x0, a b : val, is_entry γ x0 (op, a, b) ∗ implements_expr a el ∗ implements_expr b er }})
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
E: coPset
op: Binop
a, b: val
el, er: Expr ()

"Ha" : implements_expr a el "Hb" : implements_expr b er --------------------------------------∗ ⌜(to_val op, (a, b))%V = args op a b⌝ ∗ (verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) ∗ ( x : val, verification.represents γ ℓₓ nᵣ x (Node () op el er) -∗ ▷ EWP fill EmptyCtx x @ E <| AD |> {{ x0, a b : val, is_entry γ x0 (op, a, b) ∗ implements_expr a el ∗ implements_expr b er }})
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
E: coPset
op: Binop
a, b: val
el, er: Expr ()

--------------------------------------∗ ⌜(to_val op, (a, b))%V = args op a b⌝ ∗ ( x : val, verification.represents γ ℓₓ nᵣ x (Node () op el er) -∗ ▷ EWP fill EmptyCtx x @ E <| AD |> {{ x0, a b : val, is_entry γ x0 (op, a, b) ∗ implements_expr a el ∗ implements_expr b er }})
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
E: coPset
op: Binop
a, b: val
el, er: Expr ()

--------------------------------------∗ x : val, verification.represents γ ℓₓ nᵣ x (Node () op el er) -∗ ▷ EWP fill EmptyCtx x @ E <| AD |> {{ x0, a b : val, is_entry γ x0 (op, a, b) ∗ implements_expr a el ∗ implements_expr b er }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
E: coPset
op: Binop
a, b: val
el, er: Expr ()
x: val

"Hx" : verification.represents γ ℓₓ nᵣ x (Node () op el er) --------------------------------------∗ ▷ EWP fill EmptyCtx x @ E <| AD |> {{ x, a b : val, is_entry γ x (op, a, b) ∗ implements_expr a el ∗ implements_expr b er }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
E: coPset
op: Binop
a, b: val
el, er: Expr ()
x: val

"Hx" : verification.represents γ ℓₓ nᵣ x (Node () op el er) --------------------------------------∗ EWP fill EmptyCtx x @ E <| AD |> {{ x, a b : val, is_entry γ x (op, a, b) ∗ implements_expr a el ∗ implements_expr b er }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
E: coPset
op: Binop
a, b: val
el, er: Expr ()
x: val

"Hx" : verification.represents γ ℓₓ nᵣ x (Node () op el er) --------------------------------------∗ a b : val, is_entry γ x (op, a, b) ∗ implements_expr a el ∗ implements_expr b er
iFrame. Qed.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
E: coPset
a, b: val
el, er: Expr ()

implements_expr a el -∗ implements_expr b er -∗ EWP add a b @ E <| AD |> {{ x, implements_expr x (el +ₑ er) }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
E: coPset
a, b: val
el, er: Expr ()

implements_expr a el -∗ implements_expr b er -∗ EWP add a b @ E <| AD |> {{ x, implements_expr x (el +ₑ er) }}
apply (perform_spec E Add). Qed.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
E: coPset
a, b: val
el, er: Expr ()

implements_expr a el -∗ implements_expr b er -∗ EWP mul a b @ E <| AD |> {{ x, implements_expr x (el ×ₑ er) }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
E: coPset
a, b: val
el, er: Expr ()

implements_expr a el -∗ implements_expr b er -∗ EWP mul a b @ E <| AD |> {{ x, implements_expr x (el ×ₑ er) }}
apply (perform_spec E Mul). Qed.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val

⊢ implements_expr a₀ (Oₑ)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val

⊢ implements_expr a₀ (Oₑ)
by iPureIntro. Qed.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val

⊢ implements_expr a₁ (Iₑ)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val

⊢ implements_expr a₁ (Iₑ)
by iPureIntro. Qed. Program Instance ADNumSpec : NumSpec ADNum AD (ExprRing ()) := { implements := implements_expr; nzero_spec := adj_var_0_spec; none_spec := adj_var_1_spec; nadd_spec := add_spec; nmul_spec := mul_spec; }. End library_implementation_of_expressions. Section proof_of_handle. Context `{!cgraphG Σ, !heapG Σ} {R : Set} {RS : RingSig R} {RA : IsRing R} {N : Num} {Ψ : iEff Σ} {NSpec : NumSpec N Ψ RS}. Variables (γ : gname) (ℓₓ : loc) (r : R) (nᵣ : val) (e : Expr ()). (* The expression implemented by the client. *) Notation a₀ := (InjLV (InjLV #()))%V. Notation a₁ := (InjLV (InjRV #()))%V. Notation aₓ := (InjRV (nᵣ, #ℓₓ))%V. Notation adj_vars := ([a₀; a₁; aₓ]) (only parsing). Notation represents := (represents γ ℓₓ nᵣ) (only parsing). Notation AD := (AD γ ℓₓ nᵣ) (only parsing). Notation mapsto_diff := (mapsto_diff r) (only parsing). Notation both_mapto_diff := (both_mapto_diff r) (only parsing). Notation forward_inv := (forward_inv γ ℓₓ r nᵣ) (only parsing). Notation backward_inv := (backward_inv ℓₓ r nᵣ e) (only parsing).
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
v: val

⊢ EWP create v <| Ψ |> {{ w, : loc, ⌜w = InjRV (v, #ℓ)⌝ ∗ ℓ ↦ nzero }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
v: val

⊢ EWP create v <| Ψ |> {{ w, : loc, ⌜w = InjRV (v, #ℓ)⌝ ∗ ℓ ↦ nzero }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
v: val

⊢ EWP (λ: "n", InjR ("n", ref nzero))%V v <| Ψ |> {{ w, : loc, ⌜w = InjRV (v, #ℓ)⌝ ∗ ℓ ↦ nzero }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
v: val

--------------------------------------∗ EWP InjR (v, ref nzero) <| Ψ |> {{ w, : loc, ⌜w = InjRV (v, #ℓ)⌝ ∗ ℓ ↦ nzero }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
v: val

--------------------------------------∗ EWP ref nzero <| Ψ |> {{ v0, EWP fill (ConsCtx InjRCtx (ConsCtx (PairRCtx v) EmptyCtx)) v0 <| Ψ |> {{ w, : loc, ⌜w = InjRV (v, #ℓ)⌝ ∗ ℓ ↦ nzero }} }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
v: val

--------------------------------------∗ v0 : val, (λ lk : val, l : loc, ⌜lk = #l⌝ ∗ l ↦ nzero) v0 ={⊤}=∗ EWP fill (ConsCtx InjRCtx (ConsCtx (PairRCtx v) EmptyCtx)) v0 <| Ψ |> {{ w, : loc, ⌜w = InjRV (v, #ℓ)⌝ ∗ ℓ ↦ nzero }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
v, l: val

"Hl" : l0 : loc, ⌜l = #l0⌝ ∗ l0 ↦ nzero --------------------------------------∗ |={⊤}=> EWP fill (ConsCtx InjRCtx (ConsCtx (PairRCtx v) EmptyCtx)) l <| Ψ |> {{ w, : loc, ⌜w = InjRV (v, #ℓ)⌝ ∗ ℓ ↦ nzero }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
v: val
: loc

"Hℓ" : ℓ ↦ nzero --------------------------------------∗ |={⊤}=> EWP fill (ConsCtx InjRCtx (ConsCtx (PairRCtx v) EmptyCtx)) #ℓ <| Ψ |> {{ w, : loc, ⌜w = InjRV (v, #ℓ)⌝ ∗ ℓ ↦ nzero }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
v: val
: loc

"Hℓ" : ℓ ↦ nzero --------------------------------------∗ EWP fill (ConsCtx InjRCtx (ConsCtx (PairRCtx v) EmptyCtx)) #ℓ <| Ψ |> {{ w, : loc, ⌜w = InjRV (v, #ℓ)⌝ ∗ ℓ ↦ nzero }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
v: val
: loc

"Hℓ" : ℓ ↦ nzero --------------------------------------∗ EWP InjR (v, #ℓ) <| Ψ |> {{ w, : loc, ⌜w = InjRV (v, #ℓ)⌝ ∗ ℓ ↦ nzero }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
v: val
: loc

"Hℓ" : ℓ ↦ nzero --------------------------------------∗ ℓ0 : loc, ⌜InjRV (v, #ℓ) = InjRV (v, #ℓ0)⌝ ∗ ℓ0 ↦ nzero
by iExists ℓ; eauto. Qed.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
u: val
eᵤ: Expr ()

let ϱ := ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]} in verification.forward_inv γ ℓₓ r nᵣ K -∗ verification.represents γ ℓₓ nᵣ u eᵤ -∗ EWP get_val u <| Ψ |> {{ v, verification.forward_inv γ ℓₓ r nᵣ K ∗ implements v ((ϱ .{[ K]}) u) }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
u: val
eᵤ: Expr ()

let ϱ := ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]} in verification.forward_inv γ ℓₓ r nᵣ K -∗ verification.represents γ ℓₓ nᵣ u eᵤ -∗ EWP get_val u <| Ψ |> {{ v, verification.forward_inv γ ℓₓ r nᵣ K ∗ implements v ((ϱ .{[ K]}) u) }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
u: val
eᵤ: Expr ()
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R

"Hinv" : verification.forward_inv γ ℓₓ r nᵣ K "Hu" : verification.represents γ ℓₓ nᵣ u eᵤ --------------------------------------∗ EWP get_val u <| Ψ |> {{ v, verification.forward_inv γ ℓₓ r nᵣ K ∗ implements v ((ϱ .{[ K]}) u) }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
u: val
eᵤ: Expr ()
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
Ha₀: a₀ ∉ defs K

"Hinv" : verification.forward_inv γ ℓₓ r nᵣ K "Hu" : verification.represents γ ℓₓ nᵣ u eᵤ --------------------------------------∗ EWP get_val u <| Ψ |> {{ v, verification.forward_inv γ ℓₓ r nᵣ K ∗ implements v ((ϱ .{[ K]}) u) }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
u: val
eᵤ: Expr ()
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
Ha₀: a₀ ∉ defs K
Ha₁: a₁ ∉ defs K

"Hinv" : verification.forward_inv γ ℓₓ r nᵣ K "Hu" : verification.represents γ ℓₓ nᵣ u eᵤ --------------------------------------∗ EWP get_val u <| Ψ |> {{ v, verification.forward_inv γ ℓₓ r nᵣ K ∗ implements v ((ϱ .{[ K]}) u) }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
u: val
eᵤ: Expr ()
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
Ha₀: a₀ ∉ defs K
Ha₁: a₁ ∉ defs K
Hcases: u ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] ∨ u = a₀ ∨ u = a₁

"Hinv" : verification.forward_inv γ ℓₓ r nᵣ K "Hu" : verification.represents γ ℓₓ nᵣ u eᵤ --------------------------------------∗ EWP get_val u <| Ψ |> {{ v, verification.forward_inv γ ℓₓ r nᵣ K ∗ implements v ((ϱ .{[ K]}) u) }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
u: val
eᵤ: Expr ()
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
Ha₀: a₀ ∉ defs K
Ha₁: a₁ ∉ defs K
Hcases: u ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] ∨ u = a₀ ∨ u = a₁

"Hinv" : verification.forward_inv γ ℓₓ r nᵣ K "Hu" : verification.represents γ ℓₓ nᵣ u eᵤ --------------------------------------∗ EWP (λ: "x", match: "x" with InjL "x" => match: "x" with InjL <> => nzero | InjR <> => none end | InjR "x" => Fst "x" end)%V u <| Ψ |> {{ v, verification.forward_inv γ ℓₓ r nᵣ K ∗ implements v ((ϱ .{[ K]}) u) }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
u: val
eᵤ: Expr ()
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
Ha₀: a₀ ∉ defs K
Ha₁: a₁ ∉ defs K
Hcases: u ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] ∨ u = a₀ ∨ u = a₁

"Hinv" : verification.forward_inv γ ℓₓ r nᵣ K "Hu" : verification.represents γ ℓₓ nᵣ u eᵤ --------------------------------------∗ EWP match: u with InjL "x" => match: "x" with InjL <> => nzero | InjR <> => none end | InjR "x" => Fst "x" end <| Ψ |> {{ v, verification.forward_inv γ ℓₓ r nᵣ K ∗ implements v ((ϱ .{[ K]}) u) }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
u: val
eᵤ: Expr ()
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
Ha₀: a₀ ∉ defs K
Ha₁: a₁ ∉ defs K
Hu: u ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)]

"Hinv" : verification.forward_inv γ ℓₓ r nᵣ K "Hu" : verification.represents γ ℓₓ nᵣ u eᵤ --------------------------------------∗ EWP match: u with InjL "x" => match: "x" with InjL <> => nzero | InjR <> => none end | InjR "x" => Fst "x" end <| Ψ |> {{ v, verification.forward_inv γ ℓₓ r nᵣ K ∗ implements v ((ϱ .{[ K]}) u) }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
u: val
eᵤ: Expr ()
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
Ha₀: a₀ ∉ defs K
Ha₁: a₁ ∉ defs K
Hu: u = a₀
"Hinv" : verification.forward_inv γ ℓₓ r nᵣ K "Hu" : verification.represents γ ℓₓ nᵣ a₀ eᵤ --------------------------------------∗ EWP match: a₀ with InjL "x" => match: "x" with InjL <> => nzero | InjR <> => none end | InjR "x" => Fst "x" end <| Ψ |> {{ v, verification.forward_inv γ ℓₓ r nᵣ K ∗ implements v ((ϱ .{[ K]}) a₀) }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
u: val
eᵤ: Expr ()
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
Ha₀: a₀ ∉ defs K
Ha₁: a₁ ∉ defs K
Hu: u = a₁
"Hinv" : verification.forward_inv γ ℓₓ r nᵣ K "Hu" : verification.represents γ ℓₓ nᵣ a₁ eᵤ --------------------------------------∗ EWP match: a₁ with InjL "x" => match: "x" with InjL <> => nzero | InjR <> => none end | InjR "x" => Fst "x" end <| Ψ |> {{ v, verification.forward_inv γ ℓₓ r nᵣ K ∗ implements v ((ϱ .{[ K]}) a₁) }}
(* TODO: cleanup. *)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
u: val
eᵤ: Expr ()
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
Ha₀: a₀ ∉ defs K
Ha₁: a₁ ∉ defs K
Hu: u ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)]

"Hinv" : verification.forward_inv γ ℓₓ r nᵣ K "Hu" : verification.represents γ ℓₓ nᵣ u eᵤ --------------------------------------∗ EWP match: u with InjL "x" => match: "x" with InjL <> => nzero | InjR <> => none end | InjR "x" => Fst "x" end <| Ψ |> {{ v, verification.forward_inv γ ℓₓ r nᵣ K ∗ implements v ((ϱ .{[ K]}) u) }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
u: val
eᵤ: Expr ()
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
Ha₀: a₀ ∉ defs K
Ha₁: a₁ ∉ defs K
Hu: u ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)]

_ : is_current_context γ K _ : ⌜ u : val, u ∈ defs K → vars (Let K .in u) ⊆ {[a₀; a₁; InjRV (nᵣ, #ℓₓ)]}⌝ "Hheap" : [∗ list] u ∈ (defs K ++ [InjRV (nᵣ, #ℓₓ)]), (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝ "Hu" : verification.represents γ ℓₓ nᵣ u eᵤ --------------------------------------∗ EWP match: u with InjL "x" => match: "x" with InjL <> => nzero | InjR <> => none end | InjR "x" => Fst "x" end <| Ψ |> {{ v, verification.forward_inv γ ℓₓ r nᵣ K ∗ implements v ((ϱ .{[ K]}) u) }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
u: val
eᵤ: Expr ()
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
Ha₀: a₀ ∉ defs K
Ha₁: a₁ ∉ defs K
Hu: u ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)]
i: nat
Hi: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! i = Some u

_ : is_current_context γ K _ : ⌜ u : val, u ∈ defs K → vars (Let K .in u) ⊆ {[a₀; a₁; InjRV (nᵣ, #ℓₓ)]}⌝ "Hheap" : [∗ list] u ∈ (defs K ++ [InjRV (nᵣ, #ℓₓ)]), (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝ "Hu" : verification.represents γ ℓₓ nᵣ u eᵤ --------------------------------------∗ EWP match: u with InjL "x" => match: "x" with InjL <> => nzero | InjR <> => none end | InjR "x" => Fst "x" end <| Ψ |> {{ v, verification.forward_inv γ ℓₓ r nᵣ K ∗ implements v ((ϱ .{[ K]}) u) }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
u: val
eᵤ: Expr ()
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
Ha₀: a₀ ∉ defs K
Ha₁: a₁ ∉ defs K
Hu: u ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)]
i: nat
Hi: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! i = Some u

_ : is_current_context γ K _ : ⌜ u : val, u ∈ defs K → vars (Let K .in u) ⊆ {[a₀; a₁; InjRV (nᵣ, #ℓₓ)]}⌝ "Hheap" : ( (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝) ∗ ([∗ list] k↦y ∈ (defs K ++ [InjRV (nᵣ, #ℓₓ)]), ⌜ k ≠ i⌝ → (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}) y) ∗ ℓ ↦ nzero ∗ ⌜ y = InjRV (v, #ℓ)⌝) "Hu" : verification.represents γ ℓₓ nᵣ u eᵤ --------------------------------------∗ EWP match: u with InjL "x" => match: "x" with InjL <> => nzero | InjR <> => none end | InjR "x" => Fst "x" end <| Ψ |> {{ v, verification.forward_inv γ ℓₓ r nᵣ K ∗ implements v ((ϱ .{[ K]}) u) }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
u: val
eᵤ: Expr ()
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
Ha₀: a₀ ∉ defs K
Ha₁: a₁ ∉ defs K
Hu: u ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)]
i: nat
Hi: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! i = Some u

_ : is_current_context γ K _ : ⌜ u : val, u ∈ defs K → vars (Let K .in u) ⊆ {[a₀; a₁; InjRV (nᵣ, #ℓₓ)]}⌝ "Hu'" : (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝ "Hheap" : [∗ list] k↦y ∈ (defs K ++ [InjRV (nᵣ, #ℓₓ)]), ⌜k ≠ i⌝ → (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}) y) ∗ ℓ ↦ nzero ∗ ⌜y = InjRV (v, #ℓ)⌝ "Hu" : verification.represents γ ℓₓ nᵣ u eᵤ --------------------------------------∗ EWP match: u with InjL "x" => match: "x" with InjL <> => nzero | InjR <> => none end | InjR "x" => Fst "x" end <| Ψ |> {{ v, verification.forward_inv γ ℓₓ r nᵣ K ∗ implements v ((ϱ .{[ K]}) u) }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
eᵤ: Expr ()
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
Ha₀: a₀ ∉ defs K
Ha₁: a₁ ∉ defs K
v: val
: loc
Hu: InjRV (v, #ℓ) ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)]
i: nat
Hi: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! i = Some (InjRV (v, #ℓ))

_ : implements v (((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}) (InjRV (v, #ℓ))) --------------------------------------□ _ : is_current_context γ K _ : ⌜ u : val, u ∈ defs K → vars (Let K .in u) ⊆ {[a₀; a₁; InjRV (nᵣ, #ℓₓ)]}⌝ _ : ℓ ↦ nzero "Hheap" : [∗ list] k↦y ∈ (defs K ++ [InjRV (nᵣ, #ℓₓ)]), ⌜k ≠ i⌝ → (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}) y) ∗ ℓ ↦ nzero ∗ ⌜y = InjRV (v, #ℓ)⌝ "Hu" : verification.represents γ ℓₓ nᵣ (InjRV (v, #ℓ)) eᵤ --------------------------------------∗ EWP match: InjRV (v, #ℓ) with InjL "x" => match: "x" with InjL <> => nzero | InjR <> => none end | InjR "x" => Fst "x" end <| Ψ |> {{ v0, verification.forward_inv γ ℓₓ r nᵣ K ∗ implements v0 ((ϱ .{[ K]}) (InjRV (v, #ℓ))) }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
eᵤ: Expr ()
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
Ha₀: a₀ ∉ defs K
Ha₁: a₁ ∉ defs K
v: val
: loc
Hu: InjRV (v, #ℓ) ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)]
i: nat
Hi: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! i = Some (InjRV (v, #ℓ))

_ : implements v (((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}) (InjRV (v, #ℓ))) --------------------------------------□ _ : is_current_context γ K _ : ⌜ u : val, u ∈ defs K → vars (Let K .in u) ⊆ {[a₀; a₁; InjRV (nᵣ, #ℓₓ)]}⌝ _ : ℓ ↦ nzero "Hheap" : [∗ list] k↦y ∈ (defs K ++ [InjRV (nᵣ, #ℓₓ)]), ⌜k ≠ i⌝ → (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}) y) ∗ ℓ ↦ nzero ∗ ⌜y = InjRV (v, #ℓ)⌝ "Hu" : verification.represents γ ℓₓ nᵣ (InjRV (v, #ℓ)) eᵤ --------------------------------------∗ verification.forward_inv γ ℓₓ r nᵣ K ∗ implements v ((ϱ .{[ K]}) (InjRV (v, #ℓ)))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
eᵤ: Expr ()
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
Ha₀: a₀ ∉ defs K
Ha₁: a₁ ∉ defs K
v: val
: loc
Hu: InjRV (v, #ℓ) ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)]
i: nat
Hi: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! i = Some (InjRV (v, #ℓ))

_ : implements v (((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}) (InjRV (v, #ℓ))) --------------------------------------□ _ : ℓ ↦ nzero "Hheap" : [∗ list] k↦y ∈ (defs K ++ [InjRV (nᵣ, #ℓₓ)]), ⌜k ≠ i⌝ → (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}) y) ∗ ℓ ↦ nzero ∗ ⌜y = InjRV (v, #ℓ)⌝ "Hu" : verification.represents γ ℓₓ nᵣ (InjRV (v, #ℓ)) eᵤ --------------------------------------∗ ([∗ list] u ∈ (defs K ++ [InjRV (nᵣ, #ℓₓ)]), (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜ u = InjRV (v, #ℓ)⌝) ∗ implements v ((ϱ .{[ K]}) (InjRV (v, #ℓ)))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
eᵤ: Expr ()
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
Ha₀: a₀ ∉ defs K
Ha₁: a₁ ∉ defs K
v: val
: loc
Hu: InjRV (v, #ℓ) ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)]
i: nat
Hi: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! i = Some (InjRV (v, #ℓ))

_ : implements v (((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}) (InjRV (v, #ℓ))) --------------------------------------□ _ : ℓ ↦ nzero "Hheap" : [∗ list] k↦y ∈ (defs K ++ [InjRV (nᵣ, #ℓₓ)]), ⌜k ≠ i⌝ → (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}) y) ∗ ℓ ↦ nzero ∗ ⌜y = InjRV (v, #ℓ)⌝ "Hu" : verification.represents γ ℓₓ nᵣ (InjRV (v, #ℓ)) eᵤ --------------------------------------∗ (( (H : val) (H0 : loc), implements H (((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}) (InjRV (v, #ℓ))) ∗ H0 ↦ nzero ∗ ⌜InjRV (v, #ℓ) = InjRV (H, #H0)⌝) ∗ ([∗ list] k↦y ∈ (defs K ++ [InjRV (nᵣ, #ℓₓ)]), ⌜k ≠ i⌝ → (H : val) (H0 : loc), implements H (((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}) y) ∗ H0 ↦ nzero ∗ ⌜y = InjRV (H, #H0)⌝)) ∗ implements v ((ϱ .{[ K]}) (InjRV (v, #ℓ)))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
eᵤ: Expr ()
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
Ha₀: a₀ ∉ defs K
Ha₁: a₁ ∉ defs K
v: val
: loc
Hu: InjRV (v, #ℓ) ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)]
i: nat
Hi: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! i = Some (InjRV (v, #ℓ))

_ : implements v (((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}) (InjRV (v, #ℓ))) --------------------------------------□ _ : ℓ ↦ nzero "Hu" : verification.represents γ ℓₓ nᵣ (InjRV (v, #ℓ)) eᵤ --------------------------------------∗ ( (H : val) (H0 : loc), implements H (((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}) (InjRV (v, #ℓ))) ∗ H0 ↦ nzero ∗ ⌜InjRV (v, #ℓ) = InjRV (H, #H0)⌝) ∗ implements v ((ϱ .{[ K]}) (InjRV (v, #ℓ)))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
eᵤ: Expr ()
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
Ha₀: a₀ ∉ defs K
Ha₁: a₁ ∉ defs K
v: val
: loc
Hu: InjRV (v, #ℓ) ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)]
i: nat
Hi: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! i = Some (InjRV (v, #ℓ))

_ : implements v ((ϱ .{[ K]}) (InjRV (v, #ℓ))) --------------------------------------□ _ : ℓ ↦ nzero "Hu" : verification.represents γ ℓₓ nᵣ (InjRV (v, #ℓ)) eᵤ --------------------------------------∗ ( (H : val) (H0 : loc), implements H ((ϱ .{[ K]}) (InjRV (v, #ℓ))) ∗ H0 ↦ nzero ∗ ⌜InjRV (v, #ℓ) = InjRV (H, #H0)⌝) ∗ implements v ((ϱ .{[ K]}) (InjRV (v, #ℓ)))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
eᵤ: Expr ()
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
Ha₀: a₀ ∉ defs K
Ha₁: a₁ ∉ defs K
v: val
: loc
Hu: InjRV (v, #ℓ) ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)]
i: nat
Hi: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! i = Some (InjRV (v, #ℓ))

_ : implements v ((ϱ .{[ K]}) (InjRV (v, #ℓ))) --------------------------------------□ _ : ℓ ↦ nzero "Hu" : verification.represents γ ℓₓ nᵣ (InjRV (v, #ℓ)) eᵤ --------------------------------------∗ (H : val) (H0 : loc), implements H ((ϱ .{[ K]}) (InjRV (v, #ℓ))) ∗ H0 ↦ nzero ∗ ⌜InjRV (v, #ℓ) = InjRV (H, #H0)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
eᵤ: Expr ()
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
Ha₀: a₀ ∉ defs K
Ha₁: a₁ ∉ defs K
v: val
: loc
Hu: InjRV (v, #ℓ) ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)]
i: nat
Hi: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! i = Some (InjRV (v, #ℓ))

_ : implements v ((ϱ .{[ K]}) (InjRV (v, #ℓ))) --------------------------------------□ _ : ℓ ↦ nzero "Hu" : verification.represents γ ℓₓ nᵣ (InjRV (v, #ℓ)) eᵤ --------------------------------------∗ implements v ((ϱ .{[ K]}) (InjRV (v, #ℓ))) ∗ ℓ ↦ nzero ∗ ⌜InjRV (v, #ℓ) = InjRV (v, #ℓ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
eᵤ: Expr ()
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
Ha₀: a₀ ∉ defs K
Ha₁: a₁ ∉ defs K
v: val
: loc
Hu: InjRV (v, #ℓ) ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)]
i: nat
Hi: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! i = Some (InjRV (v, #ℓ))

_ : implements v ((ϱ .{[ K]}) (InjRV (v, #ℓ))) --------------------------------------□ "Hu" : verification.represents γ ℓₓ nᵣ (InjRV (v, #ℓ)) eᵤ --------------------------------------∗ implements v ((ϱ .{[ K]}) (InjRV (v, #ℓ))) ∗ ⌜InjRV (v, #ℓ) = InjRV (v, #ℓ)⌝
by auto.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
u: val
eᵤ: Expr ()
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
Ha₀: a₀ ∉ defs K
Ha₁: a₁ ∉ defs K
Hu: u = a₀

"Hinv" : verification.forward_inv γ ℓₓ r nᵣ K "Hu" : verification.represents γ ℓₓ nᵣ a₀ eᵤ --------------------------------------∗ EWP match: a₀ with InjL "x" => match: "x" with InjL <> => nzero | InjR <> => none end | InjR "x" => Fst "x" end <| Ψ |> {{ v, verification.forward_inv γ ℓₓ r nᵣ K ∗ implements v ((ϱ .{[ K]}) a₀) }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
u: val
eᵤ: Expr ()
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
Ha₀: a₀ ∉ defs K
Ha₁: a₁ ∉ defs K
Hu: u = a₁
"Hinv" : verification.forward_inv γ ℓₓ r nᵣ K "Hu" : verification.represents γ ℓₓ nᵣ a₁ eᵤ --------------------------------------∗ EWP match: a₁ with InjL "x" => match: "x" with InjL <> => nzero | InjR <> => none end | InjR "x" => Fst "x" end <| Ψ |> {{ v, verification.forward_inv γ ℓₓ r nᵣ K ∗ implements v ((ϱ .{[ K]}) a₁) }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
u: val
eᵤ: Expr ()
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
Ha₀: a₀ ∉ defs K
Ha₁: a₁ ∉ defs K
Hu: u = a₀

"Hinv" : verification.forward_inv γ ℓₓ r nᵣ K "Hu" : verification.represents γ ℓₓ nᵣ a₀ eᵤ --------------------------------------∗ EWP match: a₀ with InjL "x" => match: "x" with InjL <> => nzero | InjR <> => none end | InjR "x" => Fst "x" end <| Ψ |> {{ v, verification.forward_inv γ ℓₓ r nᵣ K ∗ implements v ((ϱ .{[ K]}) a₀) }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
u: val
eᵤ: Expr ()
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
Ha₀: a₀ ∉ defs K
Ha₁: a₁ ∉ defs K
Hu: u = a₀

"Hinv" : verification.forward_inv γ ℓₓ r nᵣ K "Hu" : verification.represents γ ℓₓ nᵣ a₀ eᵤ --------------------------------------∗ verification.forward_inv γ ℓₓ r nᵣ K ∗ implements nzero ((ϱ .{[ K]}) a₀)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
u: val
eᵤ: Expr ()
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
Ha₀: a₀ ∉ defs K
Ha₁: a₁ ∉ defs K
Hu: u = a₀

"Hu" : verification.represents γ ℓₓ nᵣ a₀ eᵤ --------------------------------------∗ implements nzero ((ϱ .{[ K]}) a₀)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
u: val
eᵤ: Expr ()
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
Ha₀: a₀ ∉ defs K
Ha₁: a₁ ∉ defs K
Hu: u = a₀

"Hu" : verification.represents γ ℓₓ nᵣ a₀ eᵤ --------------------------------------∗ implements nzero (eval (map ϱ (Leaf val a₀)))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
u: val
eᵤ: Expr ()
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
Ha₀: a₀ ∉ defs K
Ha₁: a₁ ∉ defs K
Hu: u = a₀

"Hu" : verification.represents γ ℓₓ nᵣ a₀ eᵤ --------------------------------------∗ implements nzero (ϱ a₀)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
u: val
eᵤ: Expr ()
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
Ha₀: a₀ ∉ defs K
Ha₁: a₁ ∉ defs K
Hu: u = a₀

"Hu" : verification.represents γ ℓₓ nᵣ a₀ eᵤ --------------------------------------∗ implements nzero ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) a₀)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
u: val
eᵤ: Expr ()
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
Ha₀: a₀ ∉ defs K
Ha₁: a₁ ∉ defs K
Hu: u = a₀

"Hu" : verification.represents γ ℓₓ nᵣ a₀ eᵤ --------------------------------------∗ implements nzero (((λ _ : val, r) .{[ a₀ := Oᵣ]}) a₀)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
u: val
eᵤ: Expr ()
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
Ha₀: a₀ ∉ defs K
Ha₁: a₁ ∉ defs K
Hu: u = a₀

"Hu" : verification.represents γ ℓₓ nᵣ a₀ eᵤ --------------------------------------∗ implements nzero (Oᵣ)
by iApply nzero_spec.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
u: val
eᵤ: Expr ()
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
Ha₀: a₀ ∉ defs K
Ha₁: a₁ ∉ defs K
Hu: u = a₁

"Hinv" : verification.forward_inv γ ℓₓ r nᵣ K "Hu" : verification.represents γ ℓₓ nᵣ a₁ eᵤ --------------------------------------∗ EWP match: a₁ with InjL "x" => match: "x" with InjL <> => nzero | InjR <> => none end | InjR "x" => Fst "x" end <| Ψ |> {{ v, verification.forward_inv γ ℓₓ r nᵣ K ∗ implements v ((ϱ .{[ K]}) a₁) }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
u: val
eᵤ: Expr ()
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
Ha₀: a₀ ∉ defs K
Ha₁: a₁ ∉ defs K
Hu: u = a₁

"Hinv" : verification.forward_inv γ ℓₓ r nᵣ K "Hu" : verification.represents γ ℓₓ nᵣ a₁ eᵤ --------------------------------------∗ EWP match: a₁ with InjL "x" => match: "x" with InjL <> => nzero | InjR <> => none end | InjR "x" => Fst "x" end <| Ψ |> {{ v, verification.forward_inv γ ℓₓ r nᵣ K ∗ implements v ((ϱ .{[ K]}) a₁) }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
u: val
eᵤ: Expr ()
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
Ha₀: a₀ ∉ defs K
Ha₁: a₁ ∉ defs K
Hu: u = a₁

"Hinv" : verification.forward_inv γ ℓₓ r nᵣ K "Hu" : verification.represents γ ℓₓ nᵣ a₁ eᵤ --------------------------------------∗ verification.forward_inv γ ℓₓ r nᵣ K ∗ implements none ((ϱ .{[ K]}) a₁)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
u: val
eᵤ: Expr ()
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
Ha₀: a₀ ∉ defs K
Ha₁: a₁ ∉ defs K
Hu: u = a₁

"Hu" : verification.represents γ ℓₓ nᵣ a₁ eᵤ --------------------------------------∗ implements none ((ϱ .{[ K]}) a₁)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
u: val
eᵤ: Expr ()
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
Ha₀: a₀ ∉ defs K
Ha₁: a₁ ∉ defs K
Hu: u = a₁

"Hu" : verification.represents γ ℓₓ nᵣ a₁ eᵤ --------------------------------------∗ implements none (eval (map ϱ (Leaf val a₁)))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
u: val
eᵤ: Expr ()
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
Ha₀: a₀ ∉ defs K
Ha₁: a₁ ∉ defs K
Hu: u = a₁

"Hu" : verification.represents γ ℓₓ nᵣ a₁ eᵤ --------------------------------------∗ implements none (ϱ a₁)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
u: val
eᵤ: Expr ()
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
Ha₀: a₀ ∉ defs K
Ha₁: a₁ ∉ defs K
Hu: u = a₁

"Hu" : verification.represents γ ℓₓ nᵣ a₁ eᵤ --------------------------------------∗ implements none ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) a₁)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
u: val
eᵤ: Expr ()
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
Ha₀: a₀ ∉ defs K
Ha₁: a₁ ∉ defs K
Hu: u = a₁

"Hu" : verification.represents γ ℓₓ nᵣ a₁ eᵤ --------------------------------------∗ implements none (Iᵣ)
by iApply none_spec. } Qed.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x, v: val
: loc

let ϱ := ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]} in let ϑ := ϱ .{[ K₁]} in x = InjRV (v, #ℓ) → verification.mapsto_diff r K₁ K₂ y x -∗ EWP get_diff x <| Ψ |> {{ d, verification.mapsto_diff r K₁ K₂ y x ∗ ( s : R, implements d s ∗ ⌜s =ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ)⌝) }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x, v: val
: loc

let ϱ := ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]} in let ϑ := ϱ .{[ K₁]} in x = InjRV (v, #ℓ) → verification.mapsto_diff r K₁ K₂ y x -∗ EWP get_diff x <| Ψ |> {{ d, verification.mapsto_diff r K₁ K₂ y x ∗ ( s : R, implements d s ∗ ⌜s =ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ)⌝) }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x, v: val
: loc
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁]}: val → R
Hx: x = InjRV (v, #ℓ)

"Hx" : verification.mapsto_diff r K₁ K₂ y x --------------------------------------∗ EWP get_diff x <| Ψ |> {{ d, verification.mapsto_diff r K₁ K₂ y x ∗ ( s : R, implements d s ∗ ⌜s =ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ)⌝) }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x, v: val
: loc
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁]}: val → R
Hx: x = InjRV (v, #ℓ)
d: val
s: R
H: s =ᵣ (∂ Let K₂ .in y ./ ∂ x .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁]}))

"Hs" : implements d s --------------------------------------□ "Hℓ" : ℓ ↦ d --------------------------------------∗ EWP get_diff x <| Ψ |> {{ d, verification.mapsto_diff r K₁ K₂ y x ∗ ( s : R, implements d s ∗ ⌜s =ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ)⌝) }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x, v: val
: loc
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁]}: val → R
Hx: x = InjRV (v, #ℓ)
d: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ x .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁]}))

"Hs" : implements d s --------------------------------------□ "Hℓ" : ℓ ↦ d --------------------------------------∗ EWP get_diff x <| Ψ |> {{ d, verification.mapsto_diff r K₁ K₂ y x ∗ ( s : R, implements d s ∗ ⌜s =ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ)⌝) }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x, v: val
: loc
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁]}: val → R
Hx: x = InjRV (v, #ℓ)
d: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ x .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁]}))

"Hs" : implements d s --------------------------------------□ "Hℓ" : ℓ ↦ d --------------------------------------∗ EWP (λ: "x", match: "x" with InjL <> => #() #() | InjR "x" => ! (Snd "x") end)%V x <| Ψ |> {{ d, verification.mapsto_diff r K₁ K₂ y x ∗ ( s : R, implements d s ∗ ⌜s =ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ)⌝) }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x, v: val
: loc
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁]}: val → R
Hx: x = InjRV (v, #ℓ)
d: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ x .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁]}))

"Hs" : implements d s --------------------------------------□ "Hℓ" : ℓ ↦ d --------------------------------------∗ EWP match: x with InjL <> => #() #() | InjR "x" => ! (Snd "x") end <| Ψ |> {{ d, verification.mapsto_diff r K₁ K₂ y x ∗ ( s : R, implements d s ∗ ⌜s =ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ)⌝) }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x, v: val
: loc
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁]}: val → R
Hx: x = InjRV (v, #ℓ)
d: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ x .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁]}))

"Hs" : implements d s --------------------------------------□ "Hℓ" : ℓ ↦ d --------------------------------------∗ EWP match: InjRV (v, #ℓ) with InjL <> => #() #() | InjR "x" => ! (Snd "x") end <| Ψ |> {{ d, verification.mapsto_diff r K₁ K₂ y x ∗ ( s : R, implements d s ∗ ⌜s =ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ)⌝) }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x, v: val
: loc
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁]}: val → R
Hx: x = InjRV (v, #ℓ)
d: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ x .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁]}))

"Hs" : implements d s --------------------------------------□ "Hℓ" : ℓ ↦ d --------------------------------------∗ EWP ! #ℓ <| Ψ |> {{ d, verification.mapsto_diff r K₁ K₂ y x ∗ ( s : R, implements d s ∗ ⌜s =ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ)⌝) }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x, v: val
: loc
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁]}: val → R
Hx: x = InjRV (v, #ℓ)
d: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ x .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁]}))

"Hs" : implements d s --------------------------------------□ v : val, (λ v' : val, ⌜v' = d⌝ ∗ ℓ ↦ d) v ={⊤}=∗ verification.mapsto_diff r K₁ K₂ y x ∗ ( s : R, implements v s ∗ ⌜s =ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ)⌝)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x, v: val
: loc
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁]}: val → R
Hx: x = InjRV (v, #ℓ)
d: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ x .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁]}))

"Hs" : implements d s --------------------------------------□ "Hℓ" : ℓ ↦ d --------------------------------------∗ |={⊤}=> verification.mapsto_diff r K₁ K₂ y x ∗ ( s : R, implements d s ∗ ⌜s =ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ)⌝)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x, v: val
: loc
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁]}: val → R
Hx: x = InjRV (v, #ℓ)
d: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ x .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁]}))

"Hs" : implements d s --------------------------------------□ "Hℓ" : ℓ ↦ d --------------------------------------∗ verification.mapsto_diff r K₁ K₂ y x ∗ ( s : R, implements d s ∗ ⌜s =ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ)⌝)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x, v: val
: loc
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁]}: val → R
Hx: x = InjRV (v, #ℓ)
d: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ x .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁]}))

"Hs" : implements d s --------------------------------------□ "Hℓ" : ℓ ↦ d --------------------------------------∗ verification.mapsto_diff r K₁ K₂ y x
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x, v: val
: loc
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁]}: val → R
Hx: x = InjRV (v, #ℓ)
d: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ x .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁]}))
"Hs" : implements d s --------------------------------------□ s : R, implements d s ∗ ⌜s =ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x, v: val
: loc
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁]}: val → R
Hx: x = InjRV (v, #ℓ)
d: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ x .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁]}))

"Hs" : implements d s --------------------------------------□ "Hℓ" : ℓ ↦ d --------------------------------------∗ verification.mapsto_diff r K₁ K₂ y x
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, v: val
: loc
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁]}: val → R
v': val
ℓ': loc
Hx: InjRV (v', #ℓ') = InjRV (v, #ℓ)
d: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ InjRV (v', #ℓ') .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁]}))

"Hs" : implements d s --------------------------------------□ "Hℓ" : ℓ ↦ d --------------------------------------∗ (d : val) (s : R), implements d s ∗ ⌜s =ᵣ (∂ Let K₂ .in y ./ ∂ InjRV (v', #ℓ') .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁]}))⌝ ∗ ℓ' ↦ d
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, v: val
: loc
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁]}: val → R
v': val
ℓ': loc
Hx: InjRV (v', #ℓ') = InjRV (v, #ℓ)
d: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ InjRV (v', #ℓ') .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁]}))
H0: v' = v
H1: ℓ' = ℓ

"Hs" : implements d s --------------------------------------□ "Hℓ" : ℓ ↦ d --------------------------------------∗ (d : val) (s : R), implements d s ∗ ⌜s =ᵣ (∂ Let K₂ .in y ./ ∂ InjRV (v, #ℓ) .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁]}))⌝ ∗ ℓ ↦ d
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, v: val
: loc
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁]}: val → R
d: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ InjRV (v, #ℓ) .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁]}))

"Hs" : implements d s --------------------------------------□ "Hℓ" : ℓ ↦ d --------------------------------------∗ (d : val) (s : R), implements d s ∗ ⌜s =ᵣ (∂ Let K₂ .in y ./ ∂ InjRV (v, #ℓ) .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁]}))⌝ ∗ ℓ ↦ d
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, v: val
: loc
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁]}: val → R
d: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ InjRV (v, #ℓ) .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁]}))

"Hs" : implements d s --------------------------------------□ "Hℓ" : ℓ ↦ d --------------------------------------∗ implements d s ∗ ⌜s =ᵣ (∂ Let K₂ .in y ./ ∂ InjRV (v, #ℓ) .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁]}))⌝ ∗ ℓ ↦ d
by auto.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x, v: val
: loc
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁]}: val → R
Hx: x = InjRV (v, #ℓ)
d: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ x .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁]}))

"Hs" : implements d s --------------------------------------□ s : R, implements d s ∗ ⌜s =ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x, v: val
: loc
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁]}: val → R
Hx: x = InjRV (v, #ℓ)
d: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ x .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁]}))

"Hs" : implements d s --------------------------------------□ s : R, implements d s ∗ ⌜s =ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x, v: val
: loc
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁]}: val → R
Hx: x = InjRV (v, #ℓ)
d: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ x .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁]}))

"Hs" : implements d s --------------------------------------□ implements d s ∗ ⌜s =ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁, K₂: context
y, x, v: val
: loc
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁]}: val → R
Hx: x = InjRV (v, #ℓ)
d: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ x .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁]}))

"Hs" : implements d s --------------------------------------□ implements d s ∗ ⌜s =ᵣ (∂ Let K₂ .in y ./ ∂ x .at (ϱ .{[ K₁]}))⌝
by iSplit. } Qed.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
x, v: val
: loc
d, i: val
s, ds: R

x = InjRV (v, #ℓ) → ℓ ↦ d -∗ implements d s -∗ implements i ds -∗ EWP update x i <| Ψ |> {{ _, d : val, ℓ ↦ d ∗ implements d (s +ᵣ ds) }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
x, v: val
: loc
d, i: val
s, ds: R

x = InjRV (v, #ℓ) → ℓ ↦ d -∗ implements d s -∗ implements i ds -∗ EWP update x i <| Ψ |> {{ _, d : val, ℓ ↦ d ∗ implements d (s +ᵣ ds) }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
v: val
: loc
d, i: val
s, ds: R

"Hd" : implements d s "Hi" : implements i ds --------------------------------------□ "Hℓ" : ℓ ↦ d --------------------------------------∗ EWP update (InjRV (v, #ℓ)) i <| Ψ |> {{ _, d : val, ℓ ↦ d ∗ implements d (s +ᵣ ds) }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
v: val
: loc
d, i: val
s, ds: R

"Hd" : implements d s "Hi" : implements i ds --------------------------------------□ "Hℓ" : ℓ ↦ d --------------------------------------∗ EWP (λ: "x" "incr", match: "x" with InjL <> => #() | InjR "x" => let: "xd" := Snd "x" in "xd" <- nadd ! "xd" "incr" end)%V (InjRV (v, #ℓ)) i <| Ψ |> {{ _, d : val, ℓ ↦ d ∗ implements d (s +ᵣ ds) }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
v: val
: loc
d, i: val
s, ds: R

"Hd" : implements d s "Hi" : implements i ds --------------------------------------□ "Hℓ" : ℓ ↦ d --------------------------------------∗ EWP #ℓ <- nadd ! #ℓ i <| Ψ |> {{ _, d : val, ℓ ↦ d ∗ implements d (s +ᵣ ds) }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
v: val
: loc
d, i: val
s, ds: R

"Hd" : implements d s "Hi" : implements i ds --------------------------------------□ "Hℓ" : ℓ ↦ d --------------------------------------∗ EWP ! #ℓ <| Ψ |> {{ v, EWP fill (ConsCtx (StoreRCtx #ℓ) (ConsCtx (AppLCtx i) (ConsCtx (AppRCtx nadd) EmptyCtx))) v <| Ψ |> {{ _, d : val, ℓ ↦ d ∗ implements d (s +ᵣ ds) }} }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
v: val
: loc
d, i: val
s, ds: R

"Hd" : implements d s "Hi" : implements i ds --------------------------------------□ v : val, (λ v' : val, ⌜v' = d⌝ ∗ ℓ ↦ d) v ={⊤}=∗ EWP fill (ConsCtx (StoreRCtx #ℓ) (ConsCtx (AppLCtx i) (ConsCtx (AppRCtx nadd) EmptyCtx))) v <| Ψ |> {{ _, d : val, ℓ ↦ d ∗ implements d (s +ᵣ ds) }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
v: val
: loc
d, i: val
s, ds: R

"Hd" : implements d s "Hi" : implements i ds --------------------------------------□ "Hℓ" : ℓ ↦ d --------------------------------------∗ |={⊤}=> EWP fill (ConsCtx (StoreRCtx #ℓ) (ConsCtx (AppLCtx i) (ConsCtx (AppRCtx nadd) EmptyCtx))) d <| Ψ |> {{ _, d : val, ℓ ↦ d ∗ implements d (s +ᵣ ds) }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
v: val
: loc
d, i: val
s, ds: R

"Hd" : implements d s "Hi" : implements i ds --------------------------------------□ "Hℓ" : ℓ ↦ d --------------------------------------∗ EWP fill (ConsCtx (StoreRCtx #ℓ) (ConsCtx (AppLCtx i) (ConsCtx (AppRCtx nadd) EmptyCtx))) d <| Ψ |> {{ _, d : val, ℓ ↦ d ∗ implements d (s +ᵣ ds) }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
v: val
: loc
d, i: val
s, ds: R

"Hd" : implements d s "Hi" : implements i ds --------------------------------------□ "Hℓ" : ℓ ↦ d --------------------------------------∗ EWP #ℓ <- nadd d i <| Ψ |> {{ _, d : val, ℓ ↦ d ∗ implements d (s +ᵣ ds) }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
v: val
: loc
d, i: val
s, ds: R

(#ℓ <- nadd d i)%E = fill_item (StoreRCtx ?e1) ?Goal
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
v: val
: loc
d, i: val
s, ds: R
"Hd" : implements d s "Hi" : implements i ds --------------------------------------□ "Hℓ" : ℓ ↦ d --------------------------------------∗ EWP ?Goal <| Ψ |> {{ v0, EWP fill_item (StoreRCtx ?e1) v0 <| Ψ |> {{ _, d : val, ℓ ↦ d ∗ implements d (s +ᵣ ds) }} }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
v: val
: loc
d, i: val
s, ds: R

"Hd" : implements d s "Hi" : implements i ds --------------------------------------□ "Hℓ" : ℓ ↦ d --------------------------------------∗ EWP nadd d i <| Ψ |> {{ v, EWP fill_item (StoreRCtx #ℓ) v <| Ψ |> {{ _, d : val, ℓ ↦ d ∗ implements d (s +ᵣ ds) }} }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
v: val
: loc
d, i: val
s, ds: R

"Hd" : implements d s "Hi" : implements i ds --------------------------------------□ "Hℓ" : ℓ ↦ d --------------------------------------∗ v : val, (λ x : val, implements x (s +ᵣ ds)) v ={⊤}=∗ EWP fill_item (StoreRCtx #ℓ) v <| Ψ |> {{ _, d : val, ℓ ↦ d ∗ implements d (s +ᵣ ds) }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
v: val
: loc
d, i: val
s, ds: R
w: val

"Hd" : implements d s "Hi" : implements i ds --------------------------------------□ "Hℓ" : ℓ ↦ d "Hw" : implements w (s +ᵣ ds) --------------------------------------∗ |={⊤}=> EWP fill_item (StoreRCtx #ℓ) w <| Ψ |> {{ _, d : val, ℓ ↦ d ∗ implements d (s +ᵣ ds) }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
v: val
: loc
d, i: val
s, ds: R
w: val

"Hd" : implements d s "Hi" : implements i ds --------------------------------------□ "Hℓ" : ℓ ↦ d "Hw" : implements w (s +ᵣ ds) --------------------------------------∗ EWP fill_item (StoreRCtx #ℓ) w <| Ψ |> {{ _, d : val, ℓ ↦ d ∗ implements d (s +ᵣ ds) }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
v: val
: loc
d, i: val
s, ds: R
w: val

"Hd" : implements d s "Hi" : implements i ds --------------------------------------□ "Hw" : implements w (s +ᵣ ds) --------------------------------------∗ v : val, (λ _ : val, ℓ ↦ w) v ={⊤}=∗ d : val, ℓ ↦ d ∗ implements d (s +ᵣ ds)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
v: val
: loc
d, i: val
s, ds: R
w, u: val

"Hd" : implements d s "Hi" : implements i ds --------------------------------------□ "Hw" : implements w (s +ᵣ ds) "Hℓ" : ℓ ↦ w --------------------------------------∗ |={⊤}=> d : val, ℓ ↦ d ∗ implements d (s +ᵣ ds)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
v: val
: loc
d, i: val
s, ds: R
w, u: val

"Hd" : implements d s "Hi" : implements i ds --------------------------------------□ "Hw" : implements w (s +ᵣ ds) "Hℓ" : ℓ ↦ w --------------------------------------∗ d : val, ℓ ↦ d ∗ implements d (s +ᵣ ds)
by eauto. Qed.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
x, w, i: val

x = InjLV w → ⊢ EWP update x i <| Ψ |> {{ _, True }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
x, w, i: val

x = InjLV w → ⊢ EWP update x i <| Ψ |> {{ _, True }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
w, i: val

⊢ EWP update (InjLV w) i <| Ψ |> {{ _, True }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
w, i: val

⊢ EWP (λ: "x" "incr", match: "x" with InjL <> => #() | InjR "x" => let: "xd" := Snd "x" in "xd" <- nadd ! "xd" "incr" end)%V (InjLV w) i <| Ψ |> {{ _, True }}
by ewp_pure_steps. Qed. (* This lemma will be useful in the verification of the return branch. *)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
y: val
s: Expr ()

e =ₑ s → verification.forward_inv γ ℓₓ r nᵣ K -∗ verification.represents γ ℓₓ nᵣ y s -∗ EWP update y none <| Ψ |> {{ _, verification.backward_inv ℓₓ r nᵣ e K [] y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
y: val
s: Expr ()

e =ₑ s → verification.forward_inv γ ℓₓ r nᵣ K -∗ verification.represents γ ℓₓ nᵣ y s -∗ EWP update y none <| Ψ |> {{ _, verification.backward_inv ℓₓ r nᵣ e K [] y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
y: val
s: Expr ()
He: e =ₑ s

"Hinv" : verification.forward_inv γ ℓₓ r nᵣ K "Hy" : verification.represents γ ℓₓ nᵣ y s --------------------------------------∗ EWP update y none <| Ψ |> {{ _, verification.backward_inv ℓₓ r nᵣ e K [] y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
y: val
s: Expr ()
He: e =ₑ s
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in y ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))

"Hinv" : verification.forward_inv γ ℓₓ r nᵣ K "Hy" : verification.represents γ ℓₓ nᵣ y s --------------------------------------∗ EWP update y none <| Ψ |> {{ _, verification.backward_inv ℓₓ r nᵣ e K [] y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
y: val
s: Expr ()
He: e =ₑ s
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in y ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
Hcases: y ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] ∨ y = a₀ ∨ y = a₁

"Hinv" : verification.forward_inv γ ℓₓ r nᵣ K "Hy" : verification.represents γ ℓₓ nᵣ y s --------------------------------------∗ EWP update y none <| Ψ |> {{ _, verification.backward_inv ℓₓ r nᵣ e K [] y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
y: val
s: Expr ()
He: e =ₑ s
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in y ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
Hcases: y ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] ∨ y = a₀ ∨ y = a₁
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])

"Hinv" : verification.forward_inv γ ℓₓ r nᵣ K "Hy" : verification.represents γ ℓₓ nᵣ y s --------------------------------------∗ EWP update y none <| Ψ |> {{ _, verification.backward_inv ℓₓ r nᵣ e K [] y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
y: val
s: Expr ()
He: e =ₑ s
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in y ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
Hcases: y ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] ∨ y = a₀ ∨ y = a₁
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)

"Hinv" : verification.forward_inv γ ℓₓ r nᵣ K "Hy" : verification.represents γ ℓₓ nᵣ y s --------------------------------------∗ EWP update y none <| Ψ |> {{ _, verification.backward_inv ℓₓ r nᵣ e K [] y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
y: val
s: Expr ()
He: e =ₑ s
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in y ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
Hcases: y ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] ∨ y = a₀ ∨ y = a₁
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)

"Hheap" : [∗ list] u ∈ (defs K ++ [InjRV (nᵣ, #ℓₓ)]), (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝ "Hy" : verification.represents γ ℓₓ nᵣ y s --------------------------------------∗ EWP update y none <| Ψ |> {{ _, verification.backward_inv ℓₓ r nᵣ e K [] y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
y: val
s: Expr ()
He: e =ₑ s
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in y ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
Hcases: y ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] ∨ y = a₀ ∨ y = a₁
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)

"Hheap" : [∗ list] u ∈ (defs K ++ [InjRV (nᵣ, #ℓₓ)]), (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝ --------------------------------------∗ EWP update y none <| Ψ |> {{ _, verification.backward_inv ℓₓ r nᵣ e K [] y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
y: val
s: Expr ()
He: e =ₑ s
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in y ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
Hin: y ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)]
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)

"Hheap" : [∗ list] u ∈ (defs K ++ [InjRV (nᵣ, #ℓₓ)]), (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝ --------------------------------------∗ EWP update y none <| Ψ |> {{ _, verification.backward_inv ℓₓ r nᵣ e K [] y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
y: val
s: Expr ()
He: e =ₑ s
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in y ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
Hy: y = a₀ ∨ y = a₁
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
"Hheap" : [∗ list] u ∈ (defs K ++ [InjRV (nᵣ, #ℓₓ)]), (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝ --------------------------------------∗ EWP update y none <| Ψ |> {{ _, verification.backward_inv ℓₓ r nᵣ e K [] y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
y: val
s: Expr ()
He: e =ₑ s
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in y ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
Hin: y ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)]
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)

"Hheap" : [∗ list] u ∈ (defs K ++ [InjRV (nᵣ, #ℓₓ)]), (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝ --------------------------------------∗ EWP update y none <| Ψ |> {{ _, verification.backward_inv ℓₓ r nᵣ e K [] y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
y: val
s: Expr ()
He: e =ₑ s
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in y ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
Hin: y ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)]
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
i: nat
Hi: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! i = Some y

"Hheap" : [∗ list] u ∈ (defs K ++ [InjRV (nᵣ, #ℓₓ)]), (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝ --------------------------------------∗ EWP update y none <| Ψ |> {{ _, verification.backward_inv ℓₓ r nᵣ e K [] y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
y: val
s: Expr ()
He: e =ₑ s
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in y ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
Hin: y ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)]
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
i: nat
Hi: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! i = Some y

"Hheap" : ( (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}) y) ∗ ℓ ↦ nzero ∗ ⌜y = InjRV (v, #ℓ)⌝) ∗ ([∗ list] k↦y ∈ (defs K ++ [InjRV (nᵣ, #ℓₓ)]), ⌜ k ≠ i⌝ → (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}) y) ∗ ℓ ↦ nzero ∗ ⌜ y = InjRV (v, #ℓ)⌝) --------------------------------------∗ EWP update y none <| Ψ |> {{ _, verification.backward_inv ℓₓ r nᵣ e K [] y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
y: val
s: Expr ()
He: e =ₑ s
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in y ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
Hin: y ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)]
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
i: nat
Hi: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! i = Some y

"Hy" : (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}) y) ∗ ℓ ↦ nzero ∗ ⌜y = InjRV (v, #ℓ)⌝ "Hheap" : [∗ list] k↦y ∈ (defs K ++ [InjRV (nᵣ, #ℓₓ)]), ⌜k ≠ i⌝ → (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}) y) ∗ ℓ ↦ nzero ∗ ⌜y = InjRV (v, #ℓ)⌝ --------------------------------------∗ EWP update y none <| Ψ |> {{ _, verification.backward_inv ℓₓ r nᵣ e K [] y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
s: Expr ()
He: e =ₑ s
v: val
: loc
Hin: InjRV (v, #ℓ) ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in InjRV (v, #ℓ) ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
i: nat
Hi: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! i = Some (InjRV (v, #ℓ))

"Hℓ" : ℓ ↦ nzero "Hheap" : [∗ list] k↦y ∈ (defs K ++ [InjRV (nᵣ, #ℓₓ)]), ⌜k ≠ i⌝ → (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}) y) ∗ ℓ ↦ nzero ∗ ⌜y = InjRV (v, #ℓ)⌝ --------------------------------------∗ EWP update (InjRV (v, #ℓ)) none <| Ψ |> {{ _, verification.backward_inv ℓₓ r nᵣ e K [] (InjRV (v, #ℓ)) }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
s: Expr ()
He: e =ₑ s
v: val
: loc
Hin: InjRV (v, #ℓ) ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in InjRV (v, #ℓ) ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
i: nat
Hi: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! i = Some (InjRV (v, #ℓ))

"Hheap" : [∗ list] k↦y ∈ (defs K ++ [InjRV (nᵣ, #ℓₓ)]), ⌜k ≠ i⌝ → (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}) y) ∗ ℓ ↦ nzero ∗ ⌜y = InjRV (v, #ℓ)⌝ --------------------------------------∗ v0 : val, (λ _ : val, d : val, ℓ ↦ d ∗ implements d (Oᵣ +ᵣ Iᵣ)) v0 ={⊤}=∗ verification.backward_inv ℓₓ r nᵣ e K [] (InjRV (v, #ℓ))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
s: Expr ()
He: e =ₑ s
v: val
: loc
Hin: InjRV (v, #ℓ) ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in InjRV (v, #ℓ) ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
i: nat
Hi: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! i = Some (InjRV (v, #ℓ))

"Hheap" : [∗ list] k↦y ∈ (defs K ++ [InjRV (nᵣ, #ℓₓ)]), ⌜k ≠ i⌝ → (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}) y) ∗ ℓ ↦ nzero ∗ ⌜y = InjRV (v, #ℓ)⌝ --------------------------------------∗ ( d : val, ℓ ↦ d ∗ implements d (Oᵣ +ᵣ Iᵣ)) ={⊤}=∗ verification.backward_inv ℓₓ r nᵣ e K [] (InjRV (v, #ℓ))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
s: Expr ()
He: e =ₑ s
v: val
: loc
Hin: InjRV (v, #ℓ) ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in InjRV (v, #ℓ) ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
i: nat
Hi: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! i = Some (InjRV (v, #ℓ))
d: val

"Hd" : implements d (Oᵣ +ᵣ Iᵣ) --------------------------------------□ "Hheap" : [∗ list] k↦y ∈ (defs K ++ [InjRV (nᵣ, #ℓₓ)]), ⌜k ≠ i⌝ → (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}) y) ∗ ℓ ↦ nzero ∗ ⌜y = InjRV (v, #ℓ)⌝ "Hℓ" : ℓ ↦ d --------------------------------------∗ |={⊤}=> verification.backward_inv ℓₓ r nᵣ e K [] (InjRV (v, #ℓ))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
s: Expr ()
He: e =ₑ s
v: val
: loc
Hin: InjRV (v, #ℓ) ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in InjRV (v, #ℓ) ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
i: nat
Hi: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! i = Some (InjRV (v, #ℓ))
d: val

"Hd" : implements d (Oᵣ +ᵣ Iᵣ) --------------------------------------□ "Hheap" : [∗ list] k↦y ∈ (defs K ++ [InjRV (nᵣ, #ℓₓ)]), ⌜k ≠ i⌝ → (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}) y) ∗ ℓ ↦ nzero ∗ ⌜y = InjRV (v, #ℓ)⌝ "Hℓ" : ℓ ↦ d --------------------------------------∗ verification.backward_inv ℓₓ r nᵣ e K [] (InjRV (v, #ℓ))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
s: Expr ()
He: e =ₑ s
v: val
: loc
Hin: InjRV (v, #ℓ) ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in InjRV (v, #ℓ) ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
i: nat
Hi: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! i = Some (InjRV (v, #ℓ))
d: val

"Hd" : implements d (Oᵣ +ᵣ Iᵣ) --------------------------------------□ "Hheap" : [∗ list] k↦y ∈ (defs K ++ [InjRV (nᵣ, #ℓₓ)]), ⌜k ≠ i⌝ → (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}) y) ∗ ℓ ↦ nzero ∗ ⌜y = InjRV (v, #ℓ)⌝ "Hℓ" : ℓ ↦ d --------------------------------------∗ [∗ list] u ∈ (defs K ++ [InjRV (nᵣ, #ℓₓ)]), (v0 : val) (ℓ0 : loc), verification.mapsto_diff r K [] (InjRV (v, #ℓ)) u ∗ ⌜u = InjRV (v0, #ℓ0)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
s: Expr ()
He: e =ₑ s
v: val
: loc
Hin: InjRV (v, #ℓ) ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in InjRV (v, #ℓ) ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
i: nat
Hi: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! i = Some (InjRV (v, #ℓ))
d: val

"Hd" : implements d (Oᵣ +ᵣ Iᵣ) --------------------------------------□ "Hheap" : [∗ list] k↦y ∈ (defs K ++ [InjRV (nᵣ, #ℓₓ)]), ⌜k ≠ i⌝ → (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}) y) ∗ ℓ ↦ nzero ∗ ⌜y = InjRV (v, #ℓ)⌝ "Hℓ" : ℓ ↦ d --------------------------------------∗ ( (H : val) (ℓ0 : loc), verification.mapsto_diff r K [] (InjRV (v, #ℓ)) (InjRV (v, #ℓ)) ∗ ⌜InjRV (v, #ℓ) = InjRV (H, #ℓ0)⌝) ∗ ([∗ list] k↦y ∈ (defs K ++ [InjRV (nᵣ, #ℓₓ)]), ⌜ k ≠ i⌝ → (H : val) (ℓ0 : loc), verification.mapsto_diff r K [] (InjRV (v, #ℓ)) y ∗ ⌜ y = InjRV (H, #ℓ0)⌝)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
s: Expr ()
He: e =ₑ s
v: val
: loc
Hin: InjRV (v, #ℓ) ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in InjRV (v, #ℓ) ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
i: nat
Hi: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! i = Some (InjRV (v, #ℓ))
d: val

"Hd" : implements d (Oᵣ +ᵣ Iᵣ) --------------------------------------□ "Hℓ" : ℓ ↦ d --------------------------------------∗ (H : val) (ℓ0 : loc), verification.mapsto_diff r K [] (InjRV (v, #ℓ)) (InjRV (v, #ℓ)) ∗ ⌜InjRV (v, #ℓ) = InjRV (H, #ℓ0)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
s: Expr ()
He: e =ₑ s
v: val
: loc
Hin: InjRV (v, #ℓ) ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in InjRV (v, #ℓ) ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
i: nat
Hi: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! i = Some (InjRV (v, #ℓ))
d: val
"Hd" : implements d (Oᵣ +ᵣ Iᵣ) --------------------------------------□ "Hheap" : [∗ list] k↦y ∈ (defs K ++ [InjRV (nᵣ, #ℓₓ)]), ⌜k ≠ i⌝ → (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}) y) ∗ ℓ ↦ nzero ∗ ⌜y = InjRV (v, #ℓ)⌝ --------------------------------------∗ [∗ list] k↦y ∈ (defs K ++ [InjRV (nᵣ, #ℓₓ)]), ⌜k ≠ i⌝ → (H : val) (ℓ0 : loc), verification.mapsto_diff r K [] (InjRV (v, #ℓ)) y ∗ ⌜y = InjRV (H, #ℓ0)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
s: Expr ()
He: e =ₑ s
v: val
: loc
Hin: InjRV (v, #ℓ) ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in InjRV (v, #ℓ) ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
i: nat
Hi: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! i = Some (InjRV (v, #ℓ))
d: val

"Hd" : implements d (Oᵣ +ᵣ Iᵣ) --------------------------------------□ "Hℓ" : ℓ ↦ d --------------------------------------∗ (H : val) (ℓ0 : loc), verification.mapsto_diff r K [] (InjRV (v, #ℓ)) (InjRV (v, #ℓ)) ∗ ⌜InjRV (v, #ℓ) = InjRV (H, #ℓ0)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
s: Expr ()
He: e =ₑ s
v: val
: loc
Hin: InjRV (v, #ℓ) ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in InjRV (v, #ℓ) ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
i: nat
Hi: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! i = Some (InjRV (v, #ℓ))
d: val

"Hd" : implements d (Oᵣ +ᵣ Iᵣ) --------------------------------------□ "Hℓ" : ℓ ↦ d --------------------------------------∗ verification.mapsto_diff r K [] (InjRV (v, #ℓ)) (InjRV (v, #ℓ)) ∗ ⌜InjRV (v, #ℓ) = InjRV (v, #ℓ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
s: Expr ()
He: e =ₑ s
v: val
: loc
Hin: InjRV (v, #ℓ) ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in InjRV (v, #ℓ) ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
i: nat
Hi: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! i = Some (InjRV (v, #ℓ))
d: val

"Hd" : implements d (Oᵣ +ᵣ Iᵣ) --------------------------------------□ "Hℓ" : ℓ ↦ d --------------------------------------∗ verification.mapsto_diff r K [] (InjRV (v, #ℓ)) (InjRV (v, #ℓ))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
s: Expr ()
He: e =ₑ s
v: val
: loc
Hin: InjRV (v, #ℓ) ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in InjRV (v, #ℓ) ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
i: nat
Hi: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! i = Some (InjRV (v, #ℓ))
d, v': val
ℓ': loc
H: InjRV (v, #ℓ) = InjRV (v', #ℓ')

"Hd" : implements d (Oᵣ +ᵣ Iᵣ) --------------------------------------□ "Hℓ" : ℓ ↦ d --------------------------------------∗ (d : val) (s : R), implements d s ∗ ⌜s =ᵣ (∂ Let [] .in InjRV (v, #ℓ) ./ ∂ InjRV (v, #ℓ) .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}))⌝ ∗ ℓ' ↦ d
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
s: Expr ()
He: e =ₑ s
ℓ': loc
v': val
Hin: InjRV (v', #ℓ') ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in InjRV (v', #ℓ') ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
i: nat
Hi: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! i = Some (InjRV (v', #ℓ'))
d: val

"Hd" : implements d (Oᵣ +ᵣ Iᵣ) --------------------------------------□ "Hℓ" : ℓ' ↦ d --------------------------------------∗ (d : val) (s : R), implements d s ∗ ⌜s =ᵣ (∂ Let [] .in InjRV (v', #ℓ') ./ ∂ InjRV (v', #ℓ') .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}))⌝ ∗ ℓ' ↦ d
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
s: Expr ()
He: e =ₑ s
ℓ': loc
v': val
Hin: InjRV (v', #ℓ') ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in InjRV (v', #ℓ') ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
i: nat
Hi: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! i = Some (InjRV (v', #ℓ'))
d: val

"Hd" : implements d (Oᵣ +ᵣ Iᵣ) --------------------------------------□ "Hℓ" : ℓ' ↦ d --------------------------------------∗ implements d (Oᵣ +ᵣ Iᵣ) ∗ ⌜(Oᵣ +ᵣ Iᵣ) =ᵣ (∂ Let [] .in InjRV (v', #ℓ') ./ ∂ InjRV (v', #ℓ') .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}))⌝ ∗ ℓ' ↦ d
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
s: Expr ()
He: e =ₑ s
ℓ': loc
v': val
Hin: InjRV (v', #ℓ') ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in InjRV (v', #ℓ') ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
i: nat
Hi: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! i = Some (InjRV (v', #ℓ'))
d: val

"Hd" : implements d (Oᵣ +ᵣ Iᵣ) --------------------------------------□ implements d (Oᵣ +ᵣ Iᵣ) ∗ ⌜(Oᵣ +ᵣ Iᵣ) =ᵣ (∂ Let [] .in InjRV (v', #ℓ') ./ ∂ InjRV (v', #ℓ') .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}))⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
s: Expr ()
He: e =ₑ s
ℓ': loc
v': val
Hin: InjRV (v', #ℓ') ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in InjRV (v', #ℓ') ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
i: nat
Hi: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! i = Some (InjRV (v', #ℓ'))
d: val

"Hd" : implements d (Oᵣ +ᵣ Iᵣ) --------------------------------------□ ⌜(Oᵣ +ᵣ Iᵣ) =ᵣ (∂ Let [] .in InjRV (v', #ℓ') ./ ∂ InjRV (v', #ℓ') .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}))⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
s: Expr ()
He: e =ₑ s
ℓ': loc
v': val
Hin: InjRV (v', #ℓ') ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in InjRV (v', #ℓ') ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
i: nat
Hi: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! i = Some (InjRV (v', #ℓ'))
d: val

(Oᵣ +ᵣ Iᵣ) =ᵣ (∂ Let [] .in InjRV (v', #ℓ') ./ ∂ InjRV (v', #ℓ') .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
s: Expr ()
He: e =ₑ s
ℓ': loc
v': val
Hin: InjRV (v', #ℓ') ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in InjRV (v', #ℓ') ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
i: nat
Hi: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! i = Some (InjRV (v', #ℓ'))
d: val

(Oᵣ +ᵣ Iᵣ) =ᵣ Iᵣ
rewrite (SRadd_0_l is_semi_ring); done.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
s: Expr ()
He: e =ₑ s
v: val
: loc
Hin: InjRV (v, #ℓ) ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in InjRV (v, #ℓ) ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
i: nat
Hi: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! i = Some (InjRV (v, #ℓ))
d: val

"Hd" : implements d (Oᵣ +ᵣ Iᵣ) --------------------------------------□ "Hheap" : [∗ list] k↦y ∈ (defs K ++ [InjRV (nᵣ, #ℓₓ)]), ⌜k ≠ i⌝ → (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}) y) ∗ ℓ ↦ nzero ∗ ⌜y = InjRV (v, #ℓ)⌝ --------------------------------------∗ [∗ list] k↦y ∈ (defs K ++ [InjRV (nᵣ, #ℓₓ)]), ⌜k ≠ i⌝ → (H : val) (ℓ0 : loc), verification.mapsto_diff r K [] (InjRV (v, #ℓ)) y ∗ ⌜ y = InjRV (H, #ℓ0)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
s: Expr ()
He: e =ₑ s
v: val
: loc
Hin: InjRV (v, #ℓ) ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in InjRV (v, #ℓ) ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
i: nat
Hi: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! i = Some (InjRV (v, #ℓ))
d: val

"Hd" : implements d (Oᵣ +ᵣ Iᵣ) --------------------------------------□ "Hheap" : [∗ list] k↦y ∈ (defs K ++ [InjRV (nᵣ, #ℓₓ)]), ⌜k ≠ i⌝ → (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}) y) ∗ ℓ ↦ nzero ∗ ⌜y = InjRV (v, #ℓ)⌝ --------------------------------------∗ [∗ list] k↦y ∈ (defs K ++ [InjRV (nᵣ, #ℓₓ)]), ⌜k ≠ i⌝ → (H : val) (ℓ0 : loc), verification.mapsto_diff r K [] (InjRV (v, #ℓ)) y ∗ ⌜ y = InjRV (H, #ℓ0)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
s: Expr ()
He: e =ₑ s
v: val
: loc
Hin: InjRV (v, #ℓ) ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in InjRV (v, #ℓ) ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
i: nat
Hi: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! i = Some (InjRV (v, #ℓ))
d: val

(k : nat) (y : val), (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! k = Some y → (λ (k0 : nat) (y0 : val), ⌜k0 ≠ i⌝ → (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}) y0) ∗ ℓ ↦ nzero ∗ ⌜y0 = InjRV (v, #ℓ)⌝) k y -∗ (λ (k0 : nat) (y0 : val), ⌜k0 ≠ i⌝ → (H : val) (ℓ0 : loc), verification.mapsto_diff r K [] (InjRV (v, #ℓ)) y0 ∗ ⌜y0 = InjRV (H, #ℓ0)⌝) k y
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
s: Expr ()
He: e =ₑ s
v: val
: loc
Hin: InjRV (v, #ℓ) ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in InjRV (v, #ℓ) ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
i: nat
Hi: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! i = Some (InjRV (v, #ℓ))
d: val
k: nat
x: val
Hk: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! k = Some x

(λ (k : nat) (y : val), ⌜k ≠ i⌝ → (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}) y) ∗ ℓ ↦ nzero ∗ ⌜y = InjRV (v, #ℓ)⌝) k x -∗ (λ (k : nat) (y : val), ⌜k ≠ i⌝ → (H : val) (ℓ0 : loc), verification.mapsto_diff r K [] (InjRV (v, #ℓ)) y ∗ ⌜y = InjRV (H, #ℓ0)⌝) k x
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
s: Expr ()
He: e =ₑ s
v: val
: loc
Hin: InjRV (v, #ℓ) ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in InjRV (v, #ℓ) ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
i: nat
Hi: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! i = Some (InjRV (v, #ℓ))
k: nat
x: val
Hk: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! k = Some x

(λ (k : nat) (y : val), ⌜k ≠ i⌝ → (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}) y) ∗ ℓ ↦ nzero ∗ ⌜y = InjRV (v, #ℓ)⌝) k x -∗ (λ (k : nat) (y : val), ⌜k ≠ i⌝ → (H : val) (ℓ0 : loc), verification.mapsto_diff r K [] (InjRV (v, #ℓ)) y ∗ ⌜y = InjRV (H, #ℓ0)⌝) k x
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
s: Expr ()
He: e =ₑ s
v: val
: loc
Hin: InjRV (v, #ℓ) ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in InjRV (v, #ℓ) ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
i: nat
Hi: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! i = Some (InjRV (v, #ℓ))
k: nat
x: val
Hk: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! k = Some x
H: k ≠ i

"Hx" : ⌜k ≠ i⌝ → (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}) x) ∗ ℓ ↦ nzero ∗ ⌜x = InjRV (v, #ℓ)⌝ --------------------------------------∗ (H : val) (ℓ0 : loc), verification.mapsto_diff r K [] (InjRV (v, #ℓ)) x ∗ ⌜x = InjRV (H, #ℓ0)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
s: Expr ()
He: e =ₑ s
v: val
: loc
Hin: InjRV (v, #ℓ) ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in InjRV (v, #ℓ) ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
i: nat
Hi: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! i = Some (InjRV (v, #ℓ))
k: nat
v': val
ℓ': loc
Hk: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! k = Some (InjRV (v', #ℓ'))
H: k ≠ i

"Hx" : ℓ' ↦ nzero --------------------------------------∗ (H : val) (ℓ0 : loc), verification.mapsto_diff r K [] (InjRV (v, #ℓ)) (InjRV (v', #ℓ')) ∗ ⌜InjRV (v', #ℓ') = InjRV (H, #ℓ0)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
s: Expr ()
He: e =ₑ s
v: val
: loc
Hin: InjRV (v, #ℓ) ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in InjRV (v, #ℓ) ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
i: nat
Hi: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! i = Some (InjRV (v, #ℓ))
k: nat
v': val
ℓ': loc
Hk: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! k = Some (InjRV (v', #ℓ'))
H: k ≠ i

"Hx" : ℓ' ↦ nzero --------------------------------------∗ verification.mapsto_diff r K [] (InjRV (v, #ℓ)) (InjRV (v', #ℓ')) ∗ ⌜InjRV (v', #ℓ') = InjRV (v', #ℓ')⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
s: Expr ()
He: e =ₑ s
v: val
: loc
Hin: InjRV (v, #ℓ) ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in InjRV (v, #ℓ) ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
i: nat
Hi: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! i = Some (InjRV (v, #ℓ))
k: nat
v': val
ℓ': loc
Hk: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! k = Some (InjRV (v', #ℓ'))
H: k ≠ i

"Hx" : ℓ' ↦ nzero --------------------------------------∗ verification.mapsto_diff r K [] (InjRV (v, #ℓ)) (InjRV (v', #ℓ'))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
s: Expr ()
He: e =ₑ s
v: val
: loc
Hin: InjRV (v, #ℓ) ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in InjRV (v, #ℓ) ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
i: nat
Hi: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! i = Some (InjRV (v, #ℓ))
k: nat
v': val
ℓ': loc
Hk: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! k = Some (InjRV (v', #ℓ'))
H: k ≠ i
w: val
ℓ'': loc
H0: InjRV (v', #ℓ') = InjRV (w, #ℓ'')

"Hx" : ℓ' ↦ nzero --------------------------------------∗ (d : val) (s : R), implements d s ∗ ⌜s =ᵣ (∂ Let [] .in InjRV (v, #ℓ) ./ ∂ InjRV (v', #ℓ') .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}))⌝ ∗ ℓ'' ↦ d
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
s: Expr ()
He: e =ₑ s
v: val
: loc
Hin: InjRV (v, #ℓ) ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in InjRV (v, #ℓ) ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
i: nat
Hi: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! i = Some (InjRV (v, #ℓ))
k: nat
ℓ'': loc
w: val
Hk: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! k = Some (InjRV (w, #ℓ''))
H: k ≠ i

"Hx" : ℓ'' ↦ nzero --------------------------------------∗ (d : val) (s : R), implements d s ∗ ⌜s =ᵣ (∂ Let [] .in InjRV (v, #ℓ) ./ ∂ InjRV (w, #ℓ'') .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}))⌝ ∗ ℓ'' ↦ d
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
s: Expr ()
He: e =ₑ s
v: val
: loc
Hin: InjRV (v, #ℓ) ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in InjRV (v, #ℓ) ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
i: nat
Hi: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! i = Some (InjRV (v, #ℓ))
k: nat
ℓ'': loc
w: val
Hk: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! k = Some (InjRV (w, #ℓ''))
H: k ≠ i

"Hx" : ℓ'' ↦ nzero --------------------------------------∗ implements nzero (Oᵣ) ∗ ⌜Oᵣ =ᵣ (∂ Let [] .in InjRV (v, #ℓ) ./ ∂ InjRV (w, #ℓ'') .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}))⌝ ∗ ℓ'' ↦ nzero
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
s: Expr ()
He: e =ₑ s
v: val
: loc
Hin: InjRV (v, #ℓ) ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in InjRV (v, #ℓ) ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
i: nat
Hi: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! i = Some (InjRV (v, #ℓ))
k: nat
ℓ'': loc
w: val
Hk: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! k = Some (InjRV (w, #ℓ''))
H: k ≠ i

--------------------------------------∗ implements nzero (Oᵣ) ∗ ⌜Oᵣ =ᵣ (∂ Let [] .in InjRV (v, #ℓ) ./ ∂ InjRV (w, #ℓ'') .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}))⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
s: Expr ()
He: e =ₑ s
v: val
: loc
Hin: InjRV (v, #ℓ) ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in InjRV (v, #ℓ) ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
i: nat
Hi: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! i = Some (InjRV (v, #ℓ))
k: nat
ℓ'': loc
w: val
Hk: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! k = Some (InjRV (w, #ℓ''))
H: k ≠ i

--------------------------------------∗ ⌜Oᵣ =ᵣ (∂ Let [] .in InjRV (v, #ℓ) ./ ∂ InjRV (w, #ℓ'') .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}))⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
s: Expr ()
He: e =ₑ s
v: val
: loc
Hin: InjRV (v, #ℓ) ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in InjRV (v, #ℓ) ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
i: nat
Hi: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! i = Some (InjRV (v, #ℓ))
k: nat
ℓ'': loc
w: val
Hk: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! k = Some (InjRV (w, #ℓ''))
H: k ≠ i

--------------------------------------∗ ⌜Oᵣ =ᵣ (if decide (InjRV (w, #ℓ'') = InjRV (v, #ℓ)) then Iᵣ else Oᵣ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
s: Expr ()
He: e =ₑ s
v: val
: loc
Hin: InjRV (v, #ℓ) ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in InjRV (v, #ℓ) ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
i: nat
Hi: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! i = Some (InjRV (v, #ℓ))
k: nat
ℓ'': loc
w: val
Hk: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! k = Some (InjRV (w, #ℓ''))
H: k ≠ i

InjRV (w, #ℓ'') ≠ InjRV (v, #ℓ)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
s: Expr ()
He: e =ₑ s
v: val
: loc
Hin: InjRV (v, #ℓ) ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)]
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in InjRV (v, #ℓ) ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
i: nat
Hi: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! i = Some (InjRV (v, #ℓ))
k: nat
Hk: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! k = Some (InjRV (v, #ℓ))
H: k ≠ i

False
by destruct (NoDup_lookup _ _ _ _ HND Hi Hk). }
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
y: val
s: Expr ()
He: e =ₑ s
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in y ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
Hy: y = a₀ ∨ y = a₁
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)

"Hheap" : [∗ list] u ∈ (defs K ++ [InjRV (nᵣ, #ℓₓ)]), (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝ --------------------------------------∗ EWP update y none <| Ψ |> {{ _, verification.backward_inv ℓₓ r nᵣ e K [] y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
y: val
s: Expr ()
He: e =ₑ s
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in y ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
Hy: y = a₀ ∨ y = a₁
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)

"Hheap" : [∗ list] u ∈ (defs K ++ [InjRV (nᵣ, #ℓₓ)]), (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝ --------------------------------------∗ EWP update y none <| Ψ |> {{ _, verification.backward_inv ℓₓ r nᵣ e K [] y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
y: val
s: Expr ()
He: e =ₑ s
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in y ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
Hy: y = a₀ ∨ y = a₁
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)

"Hheap" : [∗ list] u ∈ (defs K ++ [InjRV (nᵣ, #ℓₓ)]), (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝ --------------------------------------∗ v : val, (λ _ : val, True) v ={⊤}=∗ verification.backward_inv ℓₓ r nᵣ e K [] y
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
y: val
s: Expr ()
He: e =ₑ s
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in y ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
Hy: y = a₀ ∨ y = a₁
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
v: val

"Hheap" : [∗ list] u ∈ (defs K ++ [InjRV (nᵣ, #ℓₓ)]), (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝ --------------------------------------∗ |={⊤}=> verification.backward_inv ℓₓ r nᵣ e K [] y
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
y: val
s: Expr ()
He: e =ₑ s
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in y ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
Hy: y = a₀ ∨ y = a₁
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
v: val

"Hheap" : [∗ list] u ∈ (defs K ++ [InjRV (nᵣ, #ℓₓ)]), (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝ --------------------------------------∗ verification.backward_inv ℓₓ r nᵣ e K [] y
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
y: val
s: Expr ()
He: e =ₑ s
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in y ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
Hy: y = a₀ ∨ y = a₁
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
v: val

"Hheap" : [∗ list] u ∈ (defs K ++ [InjRV (nᵣ, #ℓₓ)]), (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝ --------------------------------------∗ [∗ list] u ∈ (defs K ++ [InjRV (nᵣ, #ℓₓ)]), (v : val) ( : loc), verification.mapsto_diff r K [] y u ∗ ⌜u = InjRV (v, #ℓ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
y: val
s: Expr ()
He: e =ₑ s
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in y ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
Hy: y = a₀ ∨ y = a₁
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
v: val

(k : nat) (y0 : val), (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! k = Some y0 → (λ (_ : nat) (u : val), (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝) k y0 -∗ (λ (_ : nat) (y1 : val), (v : val) ( : loc), verification.mapsto_diff r K [] y y1 ∗ ⌜y1 = InjRV (v, #ℓ)⌝) k y0
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
y: val
s: Expr ()
He: e =ₑ s
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in y ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
Hy: y = a₀ ∨ y = a₁
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
v: val
k: nat
x: val
Hk: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! k = Some x

(λ (_ : nat) (u : val), (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}) u) ∗ ℓ ↦ nzero ∗ ⌜u = InjRV (v, #ℓ)⌝) k x -∗ (λ (_ : nat) (y0 : val), (v : val) ( : loc), verification.mapsto_diff r K [] y y0 ∗ ⌜y0 = InjRV (v, #ℓ)⌝) k x
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
y: val
s: Expr ()
He: e =ₑ s
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in y ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
Hy: y = a₀ ∨ y = a₁
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
v: val
k: nat
x: val
Hk: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! k = Some x

"Hx" : (v : val) ( : loc), implements v (((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}) x) ∗ ℓ ↦ nzero ∗ ⌜x = InjRV (v, #ℓ)⌝ --------------------------------------∗ (v : val) ( : loc), verification.mapsto_diff r K [] y x ∗ ⌜x = InjRV (v, #ℓ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
y: val
s: Expr ()
He: e =ₑ s
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in y ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
Hy: y = a₀ ∨ y = a₁
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
v: val
k: nat
v': val
ℓ': loc
Hk: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! k = Some (InjRV (v', #ℓ'))

"Hx" : ℓ' ↦ nzero --------------------------------------∗ (v : val) ( : loc), verification.mapsto_diff r K [] y (InjRV (v', #ℓ')) ∗ ⌜InjRV (v', #ℓ') = InjRV (v, #ℓ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
y: val
s: Expr ()
He: e =ₑ s
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in y ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
Hy: y = a₀ ∨ y = a₁
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
v: val
k: nat
v': val
ℓ': loc
Hk: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! k = Some (InjRV (v', #ℓ'))

"Hx" : ℓ' ↦ nzero --------------------------------------∗ verification.mapsto_diff r K [] y (InjRV (v', #ℓ')) ∗ ⌜InjRV (v', #ℓ') = InjRV (v', #ℓ')⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
y: val
s: Expr ()
He: e =ₑ s
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in y ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
Hy: y = a₀ ∨ y = a₁
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
v: val
k: nat
v': val
ℓ': loc
Hk: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! k = Some (InjRV (v', #ℓ'))

"Hx" : ℓ' ↦ nzero --------------------------------------∗ verification.mapsto_diff r K [] y (InjRV (v', #ℓ'))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
y: val
s: Expr ()
He: e =ₑ s
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in y ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
Hy: y = a₀ ∨ y = a₁
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
v: val
k: nat
v': val
ℓ': loc
Hk: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! k = Some (InjRV (v', #ℓ'))
w: val
ℓ'': loc
H: InjRV (v', #ℓ') = InjRV (w, #ℓ'')

"Hx" : ℓ' ↦ nzero --------------------------------------∗ (d : val) (s : R), implements d s ∗ ⌜s =ᵣ (∂ Let [] .in y ./ ∂ InjRV (v', #ℓ') .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}))⌝ ∗ ℓ'' ↦ d
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
y: val
s: Expr ()
He: e =ₑ s
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in y ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
Hy: y = a₀ ∨ y = a₁
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
v: val
k: nat
ℓ'': loc
w: val
Hk: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! k = Some (InjRV (w, #ℓ''))

"Hx" : ℓ'' ↦ nzero --------------------------------------∗ (d : val) (s : R), implements d s ∗ ⌜s =ᵣ (∂ Let [] .in y ./ ∂ InjRV (w, #ℓ'') .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}))⌝ ∗ ℓ'' ↦ d
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
y: val
s: Expr ()
He: e =ₑ s
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in y ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
Hy: y = a₀ ∨ y = a₁
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
v: val
k: nat
ℓ'': loc
w: val
Hk: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! k = Some (InjRV (w, #ℓ''))

"Hx" : ℓ'' ↦ nzero --------------------------------------∗ implements nzero (Oᵣ) ∗ ⌜Oᵣ =ᵣ (∂ Let [] .in y ./ ∂ InjRV (w, #ℓ'') .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}))⌝ ∗ ℓ'' ↦ nzero
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
y: val
s: Expr ()
He: e =ₑ s
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in y ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
Hy: y = a₀ ∨ y = a₁
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
v: val
k: nat
ℓ'': loc
w: val
Hk: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! k = Some (InjRV (w, #ℓ''))

--------------------------------------∗ implements nzero (Oᵣ) ∗ ⌜Oᵣ =ᵣ (∂ Let [] .in y ./ ∂ InjRV (w, #ℓ'') .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}))⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
y: val
s: Expr ()
He: e =ₑ s
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in y ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
Hy: y = a₀ ∨ y = a₁
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
v: val
k: nat
ℓ'': loc
w: val
Hk: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! k = Some (InjRV (w, #ℓ''))

--------------------------------------∗ ⌜Oᵣ =ᵣ (∂ Let [] .in y ./ ∂ InjRV (w, #ℓ'') .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K]}))⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
y: val
s: Expr ()
He: e =ₑ s
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in y ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
Hy: y = a₀ ∨ y = a₁
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
v: val
k: nat
ℓ'': loc
w: val
Hk: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! k = Some (InjRV (w, #ℓ''))

--------------------------------------∗ ⌜Oᵣ =ᵣ (if decide (InjRV (w, #ℓ'') = y) then Iᵣ else Oᵣ)⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K: context
y: val
s: Expr ()
He: e =ₑ s
Hs: (∂ s ./ ∂ () .at (λ _ : (), r)) = (∂ Let K .in y ./ ∂ InjRV (nᵣ, #ℓₓ) .at (((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}))
Hy: y = a₀ ∨ y = a₁
HND: NoDup (defs K ++ [InjRV (nᵣ, #ℓₓ)])
Hdefs: a : val, a ∈ defs K ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
v: val
k: nat
ℓ'': loc
w: val
Hk: (defs K ++ [InjRV (nᵣ, #ℓₓ)]) !! k = Some (InjRV (w, #ℓ''))

InjRV (w, #ℓ'') ≠ y
by destruct Hy as [Hy|Hy]; rewrite Hy. } Qed. Section update_twice_spec. Add Ring LocalRing : is_semi_ring.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R

let ϱ := ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]} in let ϑ := ϱ .{[ K₁ ++ [(x, (op, a, b))]]} in x ≠ a → x ≠ b → da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ)) → db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ)) → implements ia da -∗ implements ib db -∗ verification.both_mapto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y a b -∗ EWP update a ia;; update b ib <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R

let ϱ := ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]} in let ϑ := ϱ .{[ K₁ ++ [(x, (op, a, b))]]} in x ≠ a → x ≠ b → da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ)) → db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ)) → implements ia da -∗ implements ib db -∗ verification.both_mapto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y a b -∗ EWP update a ia;; update b ib <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))

implements ia da -∗ implements ib db -∗ verification.both_mapto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y a b -∗ EWP update a ia;; update b ib <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))

"Hia" : implements ia da "Hib" : implements ib db --------------------------------------□ verification.both_mapto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y a b -∗ EWP update a ia;; update b ib <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
H: ( w : val, a = InjLV w) ∨ ( (n : val) ( : loc), a = InjRV (n, #ℓ))

"Hia" : implements ia da "Hib" : implements ib db --------------------------------------□ "Ha" : verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y a "Hb" : ⌜a ≠ b⌝ -∗ is_adj_var b ∗ verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y b --------------------------------------∗ EWP update a ia;; update b ib <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Ha: ( w : val, a = InjLV w) ∨ ( (n : val) ( : loc), a = InjRV (n, #ℓ))

"Hia" : implements ia da "Hib" : implements ib db --------------------------------------□ "Ha" : verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y a "Hb" : ⌜a ≠ b⌝ -∗ is_adj_var b ∗ verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y b --------------------------------------∗ EWP update a ia;; update b ib <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Ha: ( w : val, a = InjLV w) ∨ ( (n : val) ( : loc), a = InjRV (n, #ℓ))

"Hia" : implements ia da "Hib" : implements ib db --------------------------------------□ "Ha" : verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y a "Hb" : ⌜a ≠ b⌝ -∗ is_adj_var b ∗ verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y b --------------------------------------∗ EWP update a ia <| Ψ |> {{ v, EWP fill_item (AppRCtx (λ: <>, update b ib)) v <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b }} }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
w: val
Ha: a = InjLV w

"Hia" : implements ia da "Hib" : implements ib db --------------------------------------□ "Ha" : verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y a "Hb" : ⌜a ≠ b⌝ -∗ is_adj_var b ∗ verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y b --------------------------------------∗ EWP update a ia <| Ψ |> {{ v, EWP fill_item (AppRCtx (λ: <>, update b ib)) v <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b }} }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
v: val
: loc
Ha: a = InjRV (v, #ℓ)
"Hia" : implements ia da "Hib" : implements ib db --------------------------------------□ "Ha" : verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y a "Hb" : ⌜a ≠ b⌝ -∗ is_adj_var b ∗ verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y b --------------------------------------∗ EWP update a ia <| Ψ |> {{ v, EWP fill_item (AppRCtx (λ: <>, update b ib)) v <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b }} }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
w: val
Ha: a = InjLV w

"Hia" : implements ia da "Hib" : implements ib db --------------------------------------□ "Ha" : verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y a "Hb" : ⌜a ≠ b⌝ -∗ is_adj_var b ∗ verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y b --------------------------------------∗ EWP update a ia <| Ψ |> {{ v, EWP fill_item (AppRCtx (λ: <>, update b ib)) v <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b }} }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
w: val
Ha: a = InjLV w

"Hia" : implements ia da "Hib" : implements ib db --------------------------------------□ "Ha" : verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y a "Hb" : ⌜a ≠ b⌝ -∗ is_adj_var b ∗ verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y b --------------------------------------∗ v : val, (λ _ : val, True) v ={⊤}=∗ EWP fill_item (AppRCtx (λ: <>, update b ib)) v <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
w: val
Ha: a = InjLV w
v': val

"Hia" : implements ia da "Hib" : implements ib db --------------------------------------□ "Ha" : verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y a "Hb" : ⌜a ≠ b⌝ -∗ is_adj_var b ∗ verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y b --------------------------------------∗ |={⊤}=> EWP fill_item (AppRCtx (λ: <>, update b ib)) v' <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
w: val
Ha: a = InjLV w
v': val

"Hia" : implements ia da "Hib" : implements ib db --------------------------------------□ "Ha" : verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y a "Hb" : ⌜a ≠ b⌝ -∗ is_adj_var b ∗ verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y b --------------------------------------∗ EWP fill_item (AppRCtx (λ: <>, update b ib)) v' <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
w: val
Ha: a = InjLV w
v': val

"Hia" : implements ia da "Hib" : implements ib db --------------------------------------□ "Ha" : verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y a "Hb" : ⌜a ≠ b⌝ -∗ is_adj_var b ∗ verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y b --------------------------------------∗ EWP v';; update b ib <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
w: val
Ha: a = InjLV w
v': val

"Hia" : implements ia da "Hib" : implements ib db --------------------------------------□ "Ha" : verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y a "Hb" : ⌜a ≠ b⌝ -∗ is_adj_var b ∗ verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y b --------------------------------------∗ EWP λ: <>, update b ib <| Ψ |> {{ v, EWP fill_item (AppLCtx v') v <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b }} }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
w: val
Ha: a = InjLV w
v': val

"Hia" : implements ia da "Hib" : implements ib db --------------------------------------□ "Ha" : verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y a "Hb" : ⌜a ≠ b⌝ -∗ is_adj_var b ∗ verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y b --------------------------------------∗ EWP (λ: <>, update b ib)%V <| Ψ |> {{ v, EWP fill_item (AppLCtx v') v <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b }} }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
w: val
Ha: a = InjLV w
v': val

"Hia" : implements ia da "Hib" : implements ib db --------------------------------------□ "Ha" : verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y a "Hb" : ⌜a ≠ b⌝ -∗ is_adj_var b ∗ verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y b --------------------------------------∗ EWP fill_item (AppLCtx v') (λ: <>, update b ib)%V <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
w: val
Ha: a = InjLV w
v': val

"Hia" : implements ia da "Hib" : implements ib db --------------------------------------□ "Ha" : verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y a "Hb" : ⌜a ≠ b⌝ -∗ is_adj_var b ∗ verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y b --------------------------------------∗ EWP (λ: <>, update b ib)%V v' <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
w: val
Ha: a = InjLV w
v': val

"Hia" : implements ia da "Hib" : implements ib db --------------------------------------□ "Ha" : verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y a "Hb" : ⌜a ≠ b⌝ -∗ is_adj_var b ∗ verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y b --------------------------------------∗ EWP subst' <> v' (subst' <> (λ: <>, update b ib) (update b ib)) <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
w: val
Ha: a = InjLV w
v': val

"Hia" : implements ia da "Hib" : implements ib db --------------------------------------□ "Ha" : verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y a "Hb" : ⌜a ≠ b⌝ -∗ is_adj_var b ∗ verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y b --------------------------------------∗ EWP update b ib <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, a))]]}: val → R
Hxa: x ≠ a
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hxb: x ≠ a
w: val
Ha: a = InjLV w
v': val

"Hia" : implements ia da "Hib" : implements ib db --------------------------------------□ "Ha" : verification.mapsto_diff r (K₁ ++ [(x, (op, a, a))]) K₂ y a "Hb" : ⌜a ≠ a⌝ -∗ is_adj_var a ∗ verification.mapsto_diff r (K₁ ++ [(x, (op, a, a))]) K₂ y a --------------------------------------∗ EWP update a ib <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, a)) :: K₂) y a a }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
w: val
Ha: a = InjLV w
v': val
Hab: a ≠ b
"Hia" : implements ia da "Hib" : implements ib db --------------------------------------□ "Ha" : verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y a "Hb" : ⌜a ≠ b⌝ -∗ is_adj_var b ∗ verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y b --------------------------------------∗ EWP update b ib <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, a))]]}: val → R
Hxa: x ≠ a
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hxb: x ≠ a
w: val
Ha: a = InjLV w
v': val

"Hia" : implements ia da "Hib" : implements ib db --------------------------------------□ "Ha" : verification.mapsto_diff r (K₁ ++ [(x, (op, a, a))]) K₂ y a "Hb" : ⌜a ≠ a⌝ -∗ is_adj_var a ∗ verification.mapsto_diff r (K₁ ++ [(x, (op, a, a))]) K₂ y a --------------------------------------∗ EWP update a ib <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, a)) :: K₂) y a a }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, a))]]}: val → R
Hxa: x ≠ a
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hxb: x ≠ a
w: val
Ha: a = InjLV w
v': val

"Hia" : implements ia da "Hib" : implements ib db --------------------------------------□ "Ha" : verification.mapsto_diff r (K₁ ++ [(x, (op, a, a))]) K₂ y a "Hb" : ⌜a ≠ a⌝ -∗ is_adj_var a ∗ verification.mapsto_diff r (K₁ ++ [(x, (op, a, a))]) K₂ y a --------------------------------------∗ v : val, (λ _ : val, True) v ={⊤}=∗ verification.both_mapto_diff r K₁ ((x, (op, a, a)) :: K₂) y a a
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, a))]]}: val → R
Hxa: x ≠ a
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hxb: x ≠ a
w: val
Ha: a = InjLV w
v': val

"Hia" : implements ia da "Hib" : implements ib db --------------------------------------□ "Ha" : verification.mapsto_diff r (K₁ ++ [(x, (op, a, a))]) K₂ y a "Hb" : ⌜a ≠ a⌝ -∗ is_adj_var a ∗ verification.mapsto_diff r (K₁ ++ [(x, (op, a, a))]) K₂ y a --------------------------------------∗ |={⊤}=> verification.both_mapto_diff r K₁ ((x, (op, a, a)) :: K₂) y a a
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, a))]]}: val → R
Hxa: x ≠ a
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hxb: x ≠ a
w: val
Ha: a = InjLV w
v': val

"Hia" : implements ia da "Hib" : implements ib db --------------------------------------□ "Ha" : verification.mapsto_diff r (K₁ ++ [(x, (op, a, a))]) K₂ y a "Hb" : ⌜a ≠ a⌝ -∗ is_adj_var a ∗ verification.mapsto_diff r (K₁ ++ [(x, (op, a, a))]) K₂ y a --------------------------------------∗ verification.both_mapto_diff r K₁ ((x, (op, a, a)) :: K₂) y a a
iSplitL; [|iIntros "_"]; try (iSplitL; [iPureIntro; naive_solver|]); by iIntros (w' ℓ' ?); simplify_eq.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
w: val
Ha: a = InjLV w
v': val
Hab: a ≠ b

"Hia" : implements ia da "Hib" : implements ib db --------------------------------------□ "Ha" : verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y a "Hb" : ⌜a ≠ b⌝ -∗ is_adj_var b ∗ verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y b --------------------------------------∗ EWP update b ib <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
w: val
Ha: a = InjLV w
v': val
Hab: a ≠ b

"Hia" : implements ia da "Hib" : implements ib db --------------------------------------□ "Ha" : verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y a "Hb" : ⌜a ≠ b⌝ -∗ is_adj_var b ∗ verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y b --------------------------------------∗ EWP update b ib <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
w: val
Ha: a = InjLV w
v': val
Hab: a ≠ b
H: ( w : val, b = InjLV w) ∨ ( (n : val) ( : loc), b = InjRV (n, #ℓ))

"Hia" : implements ia da "Hib" : implements ib db --------------------------------------□ "Ha" : verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y a "Hb" : verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y b --------------------------------------∗ EWP update b ib <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
w: val
Ha: a = InjLV w
v': val
Hab: a ≠ b
Hb: ( w : val, b = InjLV w) ∨ ( (n : val) ( : loc), b = InjRV (n, #ℓ))

"Hia" : implements ia da "Hib" : implements ib db --------------------------------------□ "Ha" : verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y a "Hb" : verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y b --------------------------------------∗ EWP update b ib <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
w: val
Ha: a = InjLV w
Hab: a ≠ b
Hb: ( w : val, b = InjLV w) ∨ ( (n : val) ( : loc), b = InjRV (n, #ℓ))

"Hia" : implements ia da "Hib" : implements ib db --------------------------------------□ "Ha" : verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y a "Hb" : verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y b --------------------------------------∗ EWP update b ib <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
w: val
Ha: a = InjLV w
Hab: a ≠ b
w': val
Hb: b = InjLV w'

"Hia" : implements ia da "Hib" : implements ib db --------------------------------------□ "Ha" : verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y a "Hb" : verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y b --------------------------------------∗ EWP update b ib <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
w: val
Ha: a = InjLV w
Hab: a ≠ b
v': val
ℓ': loc
Hb: b = InjRV (v', #ℓ')
"Hia" : implements ia da "Hib" : implements ib db --------------------------------------□ "Ha" : verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y a "Hb" : verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y b --------------------------------------∗ EWP update b ib <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
w: val
Ha: a = InjLV w
Hab: a ≠ b
w': val
Hb: b = InjLV w'

"Hia" : implements ia da "Hib" : implements ib db --------------------------------------□ "Ha" : verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y a "Hb" : verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y b --------------------------------------∗ EWP update b ib <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
w: val
Ha: a = InjLV w
Hab: a ≠ b
w': val
Hb: b = InjLV w'

"Hia" : implements ia da "Hib" : implements ib db --------------------------------------□ "Ha" : verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y a "Hb" : verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y b --------------------------------------∗ v : val, (λ _ : val, True) v ={⊤}=∗ verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
w: val
Ha: a = InjLV w
Hab: a ≠ b
w': val
Hb: b = InjLV w'

"Hia" : implements ia da "Hib" : implements ib db --------------------------------------□ "Ha" : verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y a "Hb" : verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y b --------------------------------------∗ |={⊤}=> verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
w: val
Ha: a = InjLV w
Hab: a ≠ b
w': val
Hb: b = InjLV w'

"Hia" : implements ia da "Hib" : implements ib db --------------------------------------□ "Ha" : verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y a "Hb" : verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y b --------------------------------------∗ verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b
iSplitL; [|iIntros "_"]; try (iSplitL; [iPureIntro; naive_solver|]); by iIntros (w'' ℓ'' ?); simplify_eq.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
w: val
Ha: a = InjLV w
Hab: a ≠ b
v': val
ℓ': loc
Hb: b = InjRV (v', #ℓ')

"Hia" : implements ia da "Hib" : implements ib db --------------------------------------□ "Ha" : verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y a "Hb" : verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y b --------------------------------------∗ EWP update b ib <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
w: val
Ha: a = InjLV w
Hab: a ≠ b
v': val
ℓ': loc
Hb: b = InjRV (v', #ℓ')

"Hia" : implements ia da "Hib" : implements ib db --------------------------------------□ "Ha" : verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y a "Hb" : verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y b --------------------------------------∗ EWP update b ib <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
w: val
Ha: a = InjLV w
Hab: a ≠ b
v': val
ℓ': loc
Hb: b = InjRV (v', #ℓ')
d: val
s: R
H: s =ᵣ (∂ Let K₂ .in y ./ ∂ b .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d s --------------------------------------□ "Ha" : verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y a "Hℓ'" : ℓ' ↦ d --------------------------------------∗ EWP update b ib <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
w: val
Ha: a = InjLV w
Hab: a ≠ b
v': val
ℓ': loc
Hb: b = InjRV (v', #ℓ')
d: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ b .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d s --------------------------------------□ "Ha" : verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y a "Hℓ'" : ℓ' ↦ d --------------------------------------∗ EWP update b ib <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
w: val
Ha: a = InjLV w
Hab: a ≠ b
v': val
ℓ': loc
Hb: b = InjRV (v', #ℓ')
d: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ b .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d s --------------------------------------□ "Hℓ'" : ℓ' ↦ d --------------------------------------∗ EWP update b ib <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
w: val
Ha: a = InjLV w
Hab: a ≠ b
v': val
ℓ': loc
Hb: b = InjRV (v', #ℓ')
d: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ b .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d s --------------------------------------□ v : val, (λ _ : val, d : val, ℓ' ↦ d ∗ implements d (s +ᵣ db)) v ={⊤}=∗ verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
w: val
Ha: a = InjLV w
Hab: a ≠ b
v': val
ℓ': loc
Hb: b = InjRV (v', #ℓ')
d: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ b .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d s --------------------------------------□ ( d : val, ℓ' ↦ d ∗ implements d (s +ᵣ db)) ={⊤}=∗ verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
w: val
Ha: a = InjLV w
Hab: a ≠ b
v': val
ℓ': loc
Hb: b = InjRV (v', #ℓ')
d: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ b .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))

"Hia" : implements ia da "Hib" : implements ib db --------------------------------------□ ( d : val, ℓ' ↦ d ∗ implements d (s +ᵣ db)) ={⊤}=∗ verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
w: val
Ha: a = InjLV w
Hab: a ≠ b
v': val
ℓ': loc
Hb: b = InjRV (v', #ℓ')
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ b .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))

"Hia" : implements ia da "Hib" : implements ib db --------------------------------------□ ( d : val, ℓ' ↦ d ∗ implements d (s +ᵣ db)) ={⊤}=∗ verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
w: val
Ha: a = InjLV w
Hab: a ≠ b
v': val
ℓ': loc
Hb: b = InjRV (v', #ℓ')
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ b .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
d: val

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d (s +ᵣ db) --------------------------------------□ "Hℓ'" : ℓ' ↦ d --------------------------------------∗ |={⊤}=> verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
w: val
Ha: a = InjLV w
Hab: a ≠ b
v': val
ℓ': loc
Hb: b = InjRV (v', #ℓ')
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ b .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
d: val

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d (s +ᵣ db) --------------------------------------□ "Hℓ'" : ℓ' ↦ d --------------------------------------∗ verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
w: val
Ha: a = InjLV w
Hab: a ≠ b
v': val
ℓ': loc
Hb: b = InjRV (v', #ℓ')
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ b .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
d, v: val
: loc
H: b = InjRV (v, #ℓ)

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d (s +ᵣ db) --------------------------------------□ "Hℓ'" : ℓ' ↦ d --------------------------------------∗ (d : val) (s : R), implements d s ∗ ⌜s =ᵣ (∂ Let (x, (op, a, b)) :: K₂ .in y ./ ∂ b .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁]}))⌝ ∗ ℓ ↦ d
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
w: val
Ha: a = InjLV w
Hab: a ≠ b
v': val
ℓ': loc
Hb: b = InjRV (v', #ℓ')
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ b .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
d, v: val
: loc
H: b = InjRV (v, #ℓ)

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d (s +ᵣ db) --------------------------------------□ "Hℓ'" : ℓ' ↦ d --------------------------------------∗ implements d (s +ᵣ db) ∗ ⌜(s +ᵣ db) =ᵣ (∂ Let (x, (op, a, b)) :: K₂ .in y ./ ∂ b .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁]}))⌝ ∗ ℓ ↦ d
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
w: val
Ha: a = InjLV w
Hab: a ≠ b
v': val
ℓ': loc
Hb: b = InjRV (v', #ℓ')
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ b .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
d, v: val
: loc
H: b = InjRV (v, #ℓ)

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d (s +ᵣ db) --------------------------------------□ "Hℓ'" : ℓ' ↦ d --------------------------------------∗ ⌜(s +ᵣ db) =ᵣ (∂ Let (x, (op, a, b)) :: K₂ .in y ./ ∂ b .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁]}))⌝ ∗ ℓ ↦ d
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
w: val
Ha: a = InjLV w
Hab: a ≠ b
v': val
ℓ': loc
Hb: b = InjRV (v', #ℓ')
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ b .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
d, v: val
: loc
H: b = InjRV (v, #ℓ)

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d (s +ᵣ db) --------------------------------------□ ⌜(s +ᵣ db) =ᵣ (∂ Let (x, (op, a, b)) :: K₂ .in y ./ ∂ b .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁]}))⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
w: val
Ha: a = InjLV w
Hab: a ≠ b
v': val
ℓ': loc
Hb: b = InjRV (v', #ℓ')
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ b .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
d, v: val
: loc
H: b = InjRV (v, #ℓ)

(s +ᵣ db) =ᵣ (∂ Let (x, (op, a, b)) :: K₂ .in y ./ ∂ b .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁]}))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
w: val
Ha: a = InjLV w
Hab: a ≠ b
v': val
ℓ': loc
Hb: b = InjRV (v', #ℓ')
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ b .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
d, v: val
: loc
H: b = InjRV (v, #ℓ)

((∂ Let K₂ .in y ./ ∂ b .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]})) +ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))) =ᵣ (∂ Let (x, (op, a, b)) :: K₂ .in y ./ ∂ b .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁]}))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
w: val
Ha: a = InjLV w
Hab: a ≠ b
v': val
ℓ': loc
Hb: b = InjRV (v', #ℓ')
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ b .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
d, v: val
: loc
H: b = InjRV (v, #ℓ)

((∂ Let K₂ .in y ./ ∂ b .at (ϱ .{[ K₁ ++ [(x, (op, a, b))]]})) +ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))) =ᵣ (∂ Let (x, (op, a, b)) :: K₂ .in y ./ ∂ b .at (ϱ .{[ K₁]}))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
w: val
Ha: a = InjLV w
Hab: a ≠ b
v': val
ℓ': loc
Hb: b = InjRV (v', #ℓ')
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ b .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
d, v: val
: loc
H: b = InjRV (v, #ℓ)

((∂ Let K₂ .in y ./ ∂ b .at (ϱ .{[ K₁ ++ [(x, (op, a, b))]]})) +ᵣ (if op thenLet K₂ .in y ./ ∂ x .at (ϱ .{[ K₁ ++ [(x, (op, a, b))]]}) else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at (ϱ .{[ K₁ ++ [(x, (op, a, b))]]})))) =ᵣ (∂ Let (x, (op, a, b)) :: K₂ .in y ./ ∂ b .at (ϱ .{[ K₁]}))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
w: val
Ha: a = InjLV w
Hab: a ≠ b
v': val
ℓ': loc
Hb: b = InjRV (v', #ℓ')
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ b .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
d, v: val
: loc
H: b = InjRV (v, #ℓ)

((∂ Let K₂ .in y ./ ∂ b .at (ϱ .{[ K₁ ++ [(x, (op, a, b))]]})) +ᵣ (if op thenLet K₂ .in y ./ ∂ x .at (ϱ .{[ K₁ ++ [(x, (op, a, b))]]}) else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at (ϱ .{[ K₁ ++ [(x, (op, a, b))]]})))) =ᵣ ((∂ Let K₂ .in y ./ ∂ b .at ((ϱ .{[ K₁]}) .{[ x := denote op ((ϱ .{[ K₁]}) a) ((ϱ .{[ K₁]}) b)]})) +ᵣ (∂ Let K₂ .in y ./ ∂ x .at ((ϱ .{[ K₁]}) .{[ x := denote op ((ϱ .{[ K₁]}) a) ((ϱ .{[ K₁]}) b)]})) ×ᵣ (∂ Node val op (Leaf val a) (Leaf val b) ./ ∂ b .at (ϱ .{[ K₁]})))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
w: val
Ha: a = InjLV w
Hab: a ≠ b
v': val
ℓ': loc
Hb: b = InjRV (v', #ℓ')
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ b .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
d, v: val
: loc
H: b = InjRV (v, #ℓ)

((∂ Let K₂ .in y ./ ∂ b .at ((ϱ .{[ K₁]}) .{[ x := denote op ((ϱ .{[ K₁]}) a) ((ϱ .{[ K₁]}) b)]})) +ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ((ϱ .{[ K₁]}) .{[ x := denote op ((ϱ .{[ K₁]}) a) ((ϱ .{[ K₁]}) b)]}) else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ((ϱ .{[ K₁]}) .{[ x := denote op ((ϱ .{[ K₁]}) a) ((ϱ .{[ K₁]}) b)]})))) =ᵣ ((∂ Let K₂ .in y ./ ∂ b .at ((ϱ .{[ K₁]}) .{[ x := denote op ((ϱ .{[ K₁]}) a) ((ϱ .{[ K₁]}) b)]})) +ᵣ (∂ Let K₂ .in y ./ ∂ x .at ((ϱ .{[ K₁]}) .{[ x := denote op ((ϱ .{[ K₁]}) a) ((ϱ .{[ K₁]}) b)]})) ×ᵣ match op with | Add => (if decide (b = a) then Iᵣ else Oᵣ) +ᵣ (if decide (b = b) then Iᵣ else Oᵣ) | Mul => (if decide (b = a) then Iᵣ else Oᵣ) ×ᵣ (ϱ .{[ K₁]}) b +ᵣ (ϱ .{[ K₁]}) a ×ᵣ (if decide (b = b) then Iᵣ else Oᵣ) end)
destruct op; try ( rewrite decide_False; [|done]; rewrite decide_True; [|done]); ring. } }
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
v: val
: loc
Ha: a = InjRV (v, #ℓ)

"Hia" : implements ia da "Hib" : implements ib db --------------------------------------□ "Ha" : verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y a "Hb" : ⌜a ≠ b⌝ -∗ is_adj_var b ∗ verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y b --------------------------------------∗ EWP update a ia <| Ψ |> {{ v, EWP fill_item (AppRCtx (λ: <>, update b ib)) v <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b }} }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
v: val
: loc
Ha: a = InjRV (v, #ℓ)

"Hia" : implements ia da "Hib" : implements ib db --------------------------------------□ "Ha" : verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y a "Hb" : ⌜a ≠ b⌝ -∗ is_adj_var b ∗ verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y b --------------------------------------∗ EWP update a ia <| Ψ |> {{ v, EWP fill_item (AppRCtx (λ: <>, update b ib)) v <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b }} }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
v: val
: loc
Ha: a = InjRV (v, #ℓ)
d: val
s: R
H: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d s --------------------------------------□ "Hb" : ⌜a ≠ b⌝ -∗ is_adj_var b ∗ verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y b "Hℓ" : ℓ ↦ d --------------------------------------∗ EWP update a ia <| Ψ |> {{ v, EWP fill_item (AppRCtx (λ: <>, update b ib)) v <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b }} }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
v: val
: loc
Ha: a = InjRV (v, #ℓ)
d: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d s --------------------------------------□ "Hb" : ⌜a ≠ b⌝ -∗ is_adj_var b ∗ verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y b "Hℓ" : ℓ ↦ d --------------------------------------∗ EWP update a ia <| Ψ |> {{ v, EWP fill_item (AppRCtx (λ: <>, update b ib)) v <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b }} }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
v: val
: loc
Ha: a = InjRV (v, #ℓ)
d: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d s --------------------------------------□ "Hb" : ⌜a ≠ b⌝ -∗ is_adj_var b ∗ verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y b --------------------------------------∗ v : val, (λ _ : val, d : val, ℓ ↦ d ∗ implements d (s +ᵣ da)) v ={⊤}=∗ EWP fill_item (AppRCtx (λ: <>, update b ib)) v <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
v: val
: loc
Ha: a = InjRV (v, #ℓ)
d: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
w: val

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d s --------------------------------------□ "Hb" : ⌜a ≠ b⌝ -∗ is_adj_var b ∗ verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y b --------------------------------------∗ ( d : val, ℓ ↦ d ∗ implements d (s +ᵣ da)) ={⊤}=∗ EWP fill_item (AppRCtx (λ: <>, update b ib)) w <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
v: val
: loc
Ha: a = InjRV (v, #ℓ)
d: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
w: val

"Hia" : implements ia da "Hib" : implements ib db --------------------------------------□ "Hb" : ⌜a ≠ b⌝ -∗ is_adj_var b ∗ verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y b --------------------------------------∗ ( d : val, ℓ ↦ d ∗ implements d (s +ᵣ da)) ={⊤}=∗ EWP fill_item (AppRCtx (λ: <>, update b ib)) w <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
w: val

"Hia" : implements ia da "Hib" : implements ib db --------------------------------------□ "Hb" : ⌜a ≠ b⌝ -∗ is_adj_var b ∗ verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y b --------------------------------------∗ ( d : val, ℓ ↦ d ∗ implements d (s +ᵣ da)) ={⊤}=∗ EWP fill_item (AppRCtx (λ: <>, update b ib)) w <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
w, d: val

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d (s +ᵣ da) --------------------------------------□ "Hb" : ⌜a ≠ b⌝ -∗ is_adj_var b ∗ verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y b "Hℓ" : ℓ ↦ d --------------------------------------∗ |={⊤}=> EWP fill_item (AppRCtx (λ: <>, update b ib)) w <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
w, d: val

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d (s +ᵣ da) --------------------------------------□ "Hb" : ⌜a ≠ b⌝ -∗ is_adj_var b ∗ verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y b "Hℓ" : ℓ ↦ d --------------------------------------∗ EWP fill_item (AppRCtx (λ: <>, update b ib)) w <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
w, d: val

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d (s +ᵣ da) --------------------------------------□ "Hb" : ⌜a ≠ b⌝ -∗ is_adj_var b ∗ verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y b "Hℓ" : ℓ ↦ d --------------------------------------∗ EWP w;; update b ib <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
w, d: val

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d (s +ᵣ da) --------------------------------------□ "Hb" : ⌜a ≠ b⌝ -∗ is_adj_var b ∗ verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y b "Hℓ" : ℓ ↦ d --------------------------------------∗ EWP λ: <>, update b ib <| Ψ |> {{ v, EWP fill_item (AppLCtx w) v <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b }} }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
w, d: val

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d (s +ᵣ da) --------------------------------------□ "Hb" : ⌜a ≠ b⌝ -∗ is_adj_var b ∗ verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y b "Hℓ" : ℓ ↦ d --------------------------------------∗ EWP (λ: <>, update b ib)%V <| Ψ |> {{ v, EWP fill_item (AppLCtx w) v <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b }} }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
w, d: val

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d (s +ᵣ da) --------------------------------------□ "Hb" : ⌜a ≠ b⌝ -∗ is_adj_var b ∗ verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y b "Hℓ" : ℓ ↦ d --------------------------------------∗ EWP fill_item (AppLCtx w) (λ: <>, update b ib)%V <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
w, d: val

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d (s +ᵣ da) --------------------------------------□ "Hb" : ⌜a ≠ b⌝ -∗ is_adj_var b ∗ verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y b "Hℓ" : ℓ ↦ d --------------------------------------∗ EWP subst' <> w (subst' <> (λ: <>, update b ib) (update b ib)) <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
w, d: val

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d (s +ᵣ da) --------------------------------------□ "Hb" : ⌜a ≠ b⌝ -∗ is_adj_var b ∗ verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y b "Hℓ" : ℓ ↦ d --------------------------------------∗ EWP update b ib <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
d: val

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d (s +ᵣ da) --------------------------------------□ "Hb" : ⌜a ≠ b⌝ -∗ is_adj_var b ∗ verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y b "Hℓ" : ℓ ↦ d --------------------------------------∗ EWP update b ib <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, a))]]}: val → R
Hxa: x ≠ a
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hxb: x ≠ a
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, a))]]}))
d: val

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d (s +ᵣ da) --------------------------------------□ "Hb" : ⌜a ≠ a⌝ -∗ is_adj_var a ∗ verification.mapsto_diff r (K₁ ++ [(x, (op, a, a))]) K₂ y a "Hℓ" : ℓ ↦ d --------------------------------------∗ EWP update a ib <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, a)) :: K₂) y a a }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
d: val
Hab: a ≠ b
"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d (s +ᵣ da) --------------------------------------□ "Hb" : ⌜a ≠ b⌝ -∗ is_adj_var b ∗ verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y b "Hℓ" : ℓ ↦ d --------------------------------------∗ EWP update b ib <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, a))]]}: val → R
Hxa: x ≠ a
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hxb: x ≠ a
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, a))]]}))
d: val

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d (s +ᵣ da) --------------------------------------□ "Hb" : ⌜a ≠ a⌝ -∗ is_adj_var a ∗ verification.mapsto_diff r (K₁ ++ [(x, (op, a, a))]) K₂ y a "Hℓ" : ℓ ↦ d --------------------------------------∗ EWP update a ib <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, a)) :: K₂) y a a }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, a))]]}: val → R
Hxa: x ≠ a
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hxb: x ≠ a
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, a))]]}))
d: val

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d (s +ᵣ da) --------------------------------------□ "Hb" : ⌜a ≠ a⌝ -∗ is_adj_var a ∗ verification.mapsto_diff r (K₁ ++ [(x, (op, a, a))]) K₂ y a --------------------------------------∗ v : val, (λ _ : val, d : val, ℓ ↦ d ∗ implements d ((s +ᵣ da) +ᵣ db)) v ={⊤}=∗ verification.both_mapto_diff r K₁ ((x, (op, a, a)) :: K₂) y a a
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, a))]]}: val → R
Hxa: x ≠ a
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hxb: x ≠ a
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, a))]]}))
d, w: val

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d (s +ᵣ da) --------------------------------------□ "Hb" : ⌜a ≠ a⌝ -∗ is_adj_var a ∗ verification.mapsto_diff r (K₁ ++ [(x, (op, a, a))]) K₂ y a --------------------------------------∗ ( d : val, ℓ ↦ d ∗ implements d ((s +ᵣ da) +ᵣ db)) ={⊤}=∗ verification.both_mapto_diff r K₁ ((x, (op, a, a)) :: K₂) y a a
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, a))]]}: val → R
Hxa: x ≠ a
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hxb: x ≠ a
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, a))]]}))
d, w: val

"Hia" : implements ia da "Hib" : implements ib db --------------------------------------□ "Hb" : ⌜a ≠ a⌝ -∗ is_adj_var a ∗ verification.mapsto_diff r (K₁ ++ [(x, (op, a, a))]) K₂ y a --------------------------------------∗ ( d : val, ℓ ↦ d ∗ implements d ((s +ᵣ da) +ᵣ db)) ={⊤}=∗ verification.both_mapto_diff r K₁ ((x, (op, a, a)) :: K₂) y a a
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, a))]]}: val → R
Hxa: x ≠ a
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hxb: x ≠ a
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, a))]]}))
w: val

"Hia" : implements ia da "Hib" : implements ib db --------------------------------------□ "Hb" : ⌜a ≠ a⌝ -∗ is_adj_var a ∗ verification.mapsto_diff r (K₁ ++ [(x, (op, a, a))]) K₂ y a --------------------------------------∗ ( d : val, ℓ ↦ d ∗ implements d ((s +ᵣ da) +ᵣ db)) ={⊤}=∗ verification.both_mapto_diff r K₁ ((x, (op, a, a)) :: K₂) y a a
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, a))]]}: val → R
Hxa: x ≠ a
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hxb: x ≠ a
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, a))]]}))
w, d: val

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d ((s +ᵣ da) +ᵣ db) --------------------------------------□ "Hb" : ⌜a ≠ a⌝ -∗ is_adj_var a ∗ verification.mapsto_diff r (K₁ ++ [(x, (op, a, a))]) K₂ y a "Hℓ" : ℓ ↦ d --------------------------------------∗ |={⊤}=> verification.both_mapto_diff r K₁ ((x, (op, a, a)) :: K₂) y a a
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, a))]]}: val → R
Hxa: x ≠ a
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hxb: x ≠ a
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, a))]]}))
w, d: val

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d ((s +ᵣ da) +ᵣ db) --------------------------------------□ "Hb" : ⌜a ≠ a⌝ -∗ is_adj_var a ∗ verification.mapsto_diff r (K₁ ++ [(x, (op, a, a))]) K₂ y a "Hℓ" : ℓ ↦ d --------------------------------------∗ verification.both_mapto_diff r K₁ ((x, (op, a, a)) :: K₂) y a a
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, a))]]}: val → R
Hxa: x ≠ a
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hxb: x ≠ a
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, a))]]}))
w, d: val

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d ((s +ᵣ da) +ᵣ db) --------------------------------------□ "Hb" : ⌜a ≠ a⌝ -∗ is_adj_var a ∗ verification.mapsto_diff r (K₁ ++ [(x, (op, a, a))]) K₂ y a "Hℓ" : ℓ ↦ d --------------------------------------∗ verification.both_mapto_diff r K₁ ((x, (op, a, a)) :: K₂) y a a
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, a))]]}: val → R
Hxa: x ≠ a
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hxb: x ≠ a
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, a))]]}))
w, d: val

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d ((s +ᵣ da) +ᵣ db) --------------------------------------□ "Hb" : ⌜a ≠ a⌝ -∗ is_adj_var a ∗ verification.mapsto_diff r (K₁ ++ [(x, (op, a, a))]) K₂ y a "Hℓ" : ℓ ↦ d --------------------------------------∗ is_adj_var a ∗ verification.mapsto_diff r K₁ ((x, (op, a, a)) :: K₂) y a
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, a))]]}: val → R
Hxa: x ≠ a
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hxb: x ≠ a
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, a))]]}))
w, d: val

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d ((s +ᵣ da) +ᵣ db) --------------------------------------□ "Hb" : ⌜a ≠ a⌝ -∗ is_adj_var a ∗ verification.mapsto_diff r (K₁ ++ [(x, (op, a, a))]) K₂ y a "Hℓ" : ℓ ↦ d --------------------------------------∗ verification.mapsto_diff r K₁ ((x, (op, a, a)) :: K₂) y a
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, a))]]}: val → R
Hxa: x ≠ a
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hxb: x ≠ a
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, a))]]}))
w, d, v': val
ℓ': loc
H: a = InjRV (v', #ℓ')

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d ((s +ᵣ da) +ᵣ db) --------------------------------------□ "Hb" : ⌜a ≠ a⌝ -∗ is_adj_var a ∗ verification.mapsto_diff r (K₁ ++ [(x, (op, a, a))]) K₂ y a "Hℓ" : ℓ ↦ d --------------------------------------∗ (d : val) (s : R), implements d s ∗ ⌜s =ᵣ (∂ Let (x, (op, a, a)) :: K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁]}))⌝ ∗ ℓ' ↦ d
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, a))]]}: val → R
Hxa: x ≠ a
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hxb: x ≠ a
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, a))]]}))
w, d, v': val
ℓ': loc
H: a = InjRV (v', #ℓ')

v' = v
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, a))]]}: val → R
Hxa: x ≠ a
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hxb: x ≠ a
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, a))]]}))
w, d: val
ℓ': loc
H: a = InjRV (v, #ℓ')
"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d ((s +ᵣ da) +ᵣ db) --------------------------------------□ "Hb" : ⌜a ≠ a⌝ -∗ is_adj_var a ∗ verification.mapsto_diff r (K₁ ++ [(x, (op, a, a))]) K₂ y a "Hℓ" : ℓ ↦ d --------------------------------------∗ (d : val) (s : R), implements d s ∗ ⌜s =ᵣ (∂ Let (x, (op, a, a)) :: K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁]}))⌝ ∗ ℓ' ↦ d
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, a))]]}: val → R
Hxa: x ≠ a
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hxb: x ≠ a
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, a))]]}))
w, d, v': val
ℓ': loc
H: a = InjRV (v', #ℓ')

v' = v
by simplify_eq.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, a))]]}: val → R
Hxa: x ≠ a
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hxb: x ≠ a
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, a))]]}))
w, d: val
ℓ': loc
H: a = InjRV (v, #ℓ')

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d ((s +ᵣ da) +ᵣ db) --------------------------------------□ "Hb" : ⌜a ≠ a⌝ -∗ is_adj_var a ∗ verification.mapsto_diff r (K₁ ++ [(x, (op, a, a))]) K₂ y a "Hℓ" : ℓ ↦ d --------------------------------------∗ (d : val) (s : R), implements d s ∗ ⌜s =ᵣ (∂ Let (x, (op, a, a)) :: K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁]}))⌝ ∗ ℓ' ↦ d
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, a))]]}: val → R
Hxa: x ≠ a
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hxb: x ≠ a
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, a))]]}))
w, d: val
ℓ': loc
H: a = InjRV (v, #ℓ')

ℓ' = ℓ
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, a))]]}: val → R
Hxa: x ≠ a
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hxb: x ≠ a
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, a))]]}))
w, d: val
H: a = InjRV (v, #ℓ)
"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d ((s +ᵣ da) +ᵣ db) --------------------------------------□ "Hb" : ⌜a ≠ a⌝ -∗ is_adj_var a ∗ verification.mapsto_diff r (K₁ ++ [(x, (op, a, a))]) K₂ y a "Hℓ" : ℓ ↦ d --------------------------------------∗ (d : val) (s : R), implements d s ∗ ⌜s =ᵣ (∂ Let (x, (op, a, a)) :: K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁]}))⌝ ∗ ℓ ↦ d
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, a))]]}: val → R
Hxa: x ≠ a
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hxb: x ≠ a
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, a))]]}))
w, d: val
ℓ': loc
H: a = InjRV (v, #ℓ')

ℓ' = ℓ
by simplify_eq.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, a))]]}: val → R
Hxa: x ≠ a
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hxb: x ≠ a
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, a))]]}))
w, d: val
H: a = InjRV (v, #ℓ)

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d ((s +ᵣ da) +ᵣ db) --------------------------------------□ "Hb" : ⌜a ≠ a⌝ -∗ is_adj_var a ∗ verification.mapsto_diff r (K₁ ++ [(x, (op, a, a))]) K₂ y a "Hℓ" : ℓ ↦ d --------------------------------------∗ (d : val) (s : R), implements d s ∗ ⌜s =ᵣ (∂ Let (x, (op, a, a)) :: K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁]}))⌝ ∗ ℓ ↦ d
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, a))]]}: val → R
Hxa: x ≠ a
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hxb: x ≠ a
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, a))]]}))
w, d: val
H: a = InjRV (v, #ℓ)

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d ((s +ᵣ da) +ᵣ db) --------------------------------------□ "Hb" : ⌜a ≠ a⌝ -∗ is_adj_var a ∗ verification.mapsto_diff r (K₁ ++ [(x, (op, a, a))]) K₂ y a "Hℓ" : ℓ ↦ d --------------------------------------∗ implements d ((s +ᵣ da) +ᵣ db) ∗ ⌜((s +ᵣ da) +ᵣ db) =ᵣ (∂ Let (x, (op, a, a)) :: K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁]}))⌝ ∗ ℓ ↦ d
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, a))]]}: val → R
Hxa: x ≠ a
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hxb: x ≠ a
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, a))]]}))
w, d: val
H: a = InjRV (v, #ℓ)

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d ((s +ᵣ da) +ᵣ db) --------------------------------------□ "Hb" : ⌜a ≠ a⌝ -∗ is_adj_var a ∗ verification.mapsto_diff r (K₁ ++ [(x, (op, a, a))]) K₂ y a "Hℓ" : ℓ ↦ d --------------------------------------∗ ⌜((s +ᵣ da) +ᵣ db) =ᵣ (∂ Let (x, (op, a, a)) :: K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁]}))⌝ ∗ ℓ ↦ d
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, a))]]}: val → R
Hxa: x ≠ a
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hxb: x ≠ a
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, a))]]}))
w, d: val
H: a = InjRV (v, #ℓ)

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d ((s +ᵣ da) +ᵣ db) --------------------------------------□ "Hb" : ⌜a ≠ a⌝ -∗ is_adj_var a ∗ verification.mapsto_diff r (K₁ ++ [(x, (op, a, a))]) K₂ y a --------------------------------------∗ ⌜((s +ᵣ da) +ᵣ db) =ᵣ (∂ Let (x, (op, a, a)) :: K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁]}))⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, a))]]}: val → R
Hxa: x ≠ a
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hxb: x ≠ a
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, a))]]}))
w, d: val
H: a = InjRV (v, #ℓ)

((s +ᵣ da) +ᵣ db) =ᵣ (∂ Let (x, (op, a, a)) :: K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁]}))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, a))]]}: val → R
Hxa: x ≠ a
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hxb: x ≠ a
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, a))]]}))
w, d: val
H: a = InjRV (v, #ℓ)

(((∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, a))]]})) +ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))) +ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))) =ᵣ (∂ Let (x, (op, a, a)) :: K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁]}))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, a))]]}: val → R
Hxa: x ≠ a
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hxb: x ≠ a
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, a))]]}))
w, d: val
H: a = InjRV (v, #ℓ)

(((∂ Let K₂ .in y ./ ∂ a .at (ϱ .{[ K₁ ++ [(x, (op, a, a))]]})) +ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))) +ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))) =ᵣ (∂ Let (x, (op, a, a)) :: K₂ .in y ./ ∂ a .at (ϱ .{[ K₁]}))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, a))]]}: val → R
Hxa: x ≠ a
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hxb: x ≠ a
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, a))]]}))
w, d: val
H: a = InjRV (v, #ℓ)

(((∂ Let K₂ .in y ./ ∂ a .at (ϱ .{[ K₁ ++ [(x, (op, a, a))]]})) +ᵣ (if op thenLet K₂ .in y ./ ∂ x .at (ϱ .{[ K₁ ++ [(x, (op, a, a))]]}) else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at (ϱ .{[ K₁ ++ [(x, (op, a, a))]]})))) +ᵣ (if op thenLet K₂ .in y ./ ∂ x .at (ϱ .{[ K₁ ++ [(x, (op, a, a))]]}) else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at (ϱ .{[ K₁ ++ [(x, (op, a, a))]]})))) =ᵣ (∂ Let (x, (op, a, a)) :: K₂ .in y ./ ∂ a .at (ϱ .{[ K₁]}))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, a))]]}: val → R
Hxa: x ≠ a
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hxb: x ≠ a
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, a))]]}))
w, d: val
H: a = InjRV (v, #ℓ)

(((∂ Let K₂ .in y ./ ∂ a .at (ϱ .{[ K₁ ++ [(x, (op, a, a))]]})) +ᵣ (if op thenLet K₂ .in y ./ ∂ x .at (ϱ .{[ K₁ ++ [(x, (op, a, a))]]}) else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at (ϱ .{[ K₁ ++ [(x, (op, a, a))]]})))) +ᵣ (if op thenLet K₂ .in y ./ ∂ x .at (ϱ .{[ K₁ ++ [(x, (op, a, a))]]}) else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at (ϱ .{[ K₁ ++ [(x, (op, a, a))]]})))) =ᵣ ((∂ Let K₂ .in y ./ ∂ a .at ((ϱ .{[ K₁]}) .{[ x := denote op ((ϱ .{[ K₁]}) a) ((ϱ .{[ K₁]}) a)]})) +ᵣ (∂ Let K₂ .in y ./ ∂ x .at ((ϱ .{[ K₁]}) .{[ x := denote op ((ϱ .{[ K₁]}) a) ((ϱ .{[ K₁]}) a)]})) ×ᵣ (∂ Node val op (Leaf val a) (Leaf val a) ./ ∂ a .at (ϱ .{[ K₁]})))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, a))]]}: val → R
Hxa: x ≠ a
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hxb: x ≠ a
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, a))]]}))
w, d: val
H: a = InjRV (v, #ℓ)

(((∂ Let K₂ .in y ./ ∂ a .at ((ϱ .{[ K₁]}) .{[ x := denote op ((ϱ .{[ K₁]}) a) ((ϱ .{[ K₁]}) a)]})) +ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ((ϱ .{[ K₁]}) .{[ x := denote op ((ϱ .{[ K₁]}) a) ((ϱ .{[ K₁]}) a)]}) else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ((ϱ .{[ K₁]}) .{[ x := denote op ((ϱ .{[ K₁]}) a) ((ϱ .{[ K₁]}) a)]})))) +ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ((ϱ .{[ K₁]}) .{[ x := denote op ((ϱ .{[ K₁]}) a) ((ϱ .{[ K₁]}) a)]}) else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ((ϱ .{[ K₁]}) .{[ x := denote op ((ϱ .{[ K₁]}) a) ((ϱ .{[ K₁]}) a)]})))) =ᵣ ((∂ Let K₂ .in y ./ ∂ a .at ((ϱ .{[ K₁]}) .{[ x := denote op ((ϱ .{[ K₁]}) a) ((ϱ .{[ K₁]}) a)]})) +ᵣ (∂ Let K₂ .in y ./ ∂ x .at ((ϱ .{[ K₁]}) .{[ x := denote op ((ϱ .{[ K₁]}) a) ((ϱ .{[ K₁]}) a)]})) ×ᵣ match op with | Add => (if decide (a = a) then Iᵣ else Oᵣ) +ᵣ (if decide (a = a) then Iᵣ else Oᵣ) | Mul => (if decide (a = a) then Iᵣ else Oᵣ) ×ᵣ (ϱ .{[ K₁]}) a +ᵣ (ϱ .{[ K₁]}) a ×ᵣ (if decide (a = a) then Iᵣ else Oᵣ) end)
by destruct op; repeat (rewrite decide_True; [|done]); ring.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
d: val
Hab: a ≠ b

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d (s +ᵣ da) --------------------------------------□ "Hb" : ⌜a ≠ b⌝ -∗ is_adj_var b ∗ verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y b "Hℓ" : ℓ ↦ d --------------------------------------∗ EWP update b ib <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
d: val
Hab: a ≠ b

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d (s +ᵣ da) --------------------------------------□ "Hb" : ⌜a ≠ b⌝ -∗ is_adj_var b ∗ verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y b "Hℓ" : ℓ ↦ d --------------------------------------∗ EWP update b ib <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
d: val
Hab: a ≠ b
H: ( w : val, b = InjLV w) ∨ ( (n : val) ( : loc), b = InjRV (n, #ℓ))

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d (s +ᵣ da) --------------------------------------□ "Hℓ" : ℓ ↦ d "Hb" : verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y b --------------------------------------∗ EWP update b ib <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
d: val
Hab: a ≠ b
Hb: ( w : val, b = InjLV w) ∨ ( (n : val) ( : loc), b = InjRV (n, #ℓ))

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d (s +ᵣ da) --------------------------------------□ "Hℓ" : ℓ ↦ d "Hb" : verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y b --------------------------------------∗ EWP update b ib <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
d: val
Hab: a ≠ b
w': val
Hb: b = InjLV w'

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d (s +ᵣ da) --------------------------------------□ "Hℓ" : ℓ ↦ d "Hb" : verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y b --------------------------------------∗ EWP update b ib <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
d: val
Hab: a ≠ b
v': val
ℓ': loc
Hb: b = InjRV (v', #ℓ')
"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d (s +ᵣ da) --------------------------------------□ "Hℓ" : ℓ ↦ d "Hb" : verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y b --------------------------------------∗ EWP update b ib <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
d: val
Hab: a ≠ b
w': val
Hb: b = InjLV w'

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d (s +ᵣ da) --------------------------------------□ "Hℓ" : ℓ ↦ d "Hb" : verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y b --------------------------------------∗ EWP update b ib <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
d: val
Hab: a ≠ b
w': val
Hb: b = InjLV w'

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d (s +ᵣ da) --------------------------------------□ "Hℓ" : ℓ ↦ d "Hb" : verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y b --------------------------------------∗ v : val, (λ _ : val, True) v ={⊤}=∗ verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
d: val
Hab: a ≠ b
w': val
Hb: b = InjLV w'

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d (s +ᵣ da) --------------------------------------□ "Hℓ" : ℓ ↦ d "Hb" : verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y b --------------------------------------∗ |={⊤}=> verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
d: val
Hab: a ≠ b
w': val
Hb: b = InjLV w'

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d (s +ᵣ da) --------------------------------------□ "Hℓ" : ℓ ↦ d "Hb" : verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y b --------------------------------------∗ verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
d: val
Hab: a ≠ b
w': val
Hb: b = InjLV w'
w: val
l: loc
H: a = InjRV (w, #l)

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d (s +ᵣ da) --------------------------------------□ "Hℓ" : ℓ ↦ d --------------------------------------∗ (d : val) (s : R), implements d s ∗ ⌜s =ᵣ (∂ Let (x, (op, a, b)) :: K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁]}))⌝ ∗ l ↦ d
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
d: val
Hab: a ≠ b
w': val
Hb: b = InjLV w'
w: val
l: loc
H: a = InjRV (w, #l)

w = v
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
d: val
Hab: a ≠ b
w': val
Hb: b = InjLV w'
l: loc
H: a = InjRV (v, #l)
"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d (s +ᵣ da) --------------------------------------□ "Hℓ" : ℓ ↦ d --------------------------------------∗ (d : val) (s : R), implements d s ∗ ⌜s =ᵣ (∂ Let (x, (op, a, b)) :: K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁]}))⌝ ∗ l ↦ d
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
d: val
Hab: a ≠ b
w': val
Hb: b = InjLV w'
w: val
l: loc
H: a = InjRV (w, #l)

w = v
by simplify_eq.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
d: val
Hab: a ≠ b
w': val
Hb: b = InjLV w'
l: loc
H: a = InjRV (v, #l)

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d (s +ᵣ da) --------------------------------------□ "Hℓ" : ℓ ↦ d --------------------------------------∗ (d : val) (s : R), implements d s ∗ ⌜s =ᵣ (∂ Let (x, (op, a, b)) :: K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁]}))⌝ ∗ l ↦ d
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
d: val
Hab: a ≠ b
w': val
Hb: b = InjLV w'
l: loc
H: a = InjRV (v, #l)

l = ℓ
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
d: val
Hab: a ≠ b
w': val
Hb: b = InjLV w'
H: a = InjRV (v, #ℓ)
"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d (s +ᵣ da) --------------------------------------□ "Hℓ" : ℓ ↦ d --------------------------------------∗ (d : val) (s : R), implements d s ∗ ⌜s =ᵣ (∂ Let (x, (op, a, b)) :: K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁]}))⌝ ∗ ℓ ↦ d
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
d: val
Hab: a ≠ b
w': val
Hb: b = InjLV w'
l: loc
H: a = InjRV (v, #l)

l = ℓ
by simplify_eq.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
d: val
Hab: a ≠ b
w': val
Hb: b = InjLV w'
H: a = InjRV (v, #ℓ)

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d (s +ᵣ da) --------------------------------------□ "Hℓ" : ℓ ↦ d --------------------------------------∗ (d : val) (s : R), implements d s ∗ ⌜s =ᵣ (∂ Let (x, (op, a, b)) :: K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁]}))⌝ ∗ ℓ ↦ d
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
d: val
Hab: a ≠ b
w': val
Hb: b = InjLV w'
H: a = InjRV (v, #ℓ)

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d (s +ᵣ da) --------------------------------------□ "Hℓ" : ℓ ↦ d --------------------------------------∗ implements d (s +ᵣ da) ∗ ⌜(s +ᵣ da) =ᵣ (∂ Let (x, (op, a, b)) :: K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁]}))⌝ ∗ ℓ ↦ d
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
d: val
Hab: a ≠ b
w': val
Hb: b = InjLV w'
H: a = InjRV (v, #ℓ)

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d (s +ᵣ da) --------------------------------------□ "Hℓ" : ℓ ↦ d --------------------------------------∗ ⌜(s +ᵣ da) =ᵣ (∂ Let (x, (op, a, b)) :: K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁]}))⌝ ∗ ℓ ↦ d
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
d: val
Hab: a ≠ b
w': val
Hb: b = InjLV w'
H: a = InjRV (v, #ℓ)

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d (s +ᵣ da) --------------------------------------□ ⌜(s +ᵣ da) =ᵣ (∂ Let (x, (op, a, b)) :: K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁]}))⌝
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
d: val
Hab: a ≠ b
w': val
Hb: b = InjLV w'
H: a = InjRV (v, #ℓ)

(s +ᵣ da) =ᵣ (∂ Let (x, (op, a, b)) :: K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁]}))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
d: val
Hab: a ≠ b
w': val
Hb: b = InjLV w'
H: a = InjRV (v, #ℓ)

((∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]})) +ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))) =ᵣ (∂ Let (x, (op, a, b)) :: K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁]}))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
d: val
Hab: a ≠ b
w': val
Hb: b = InjLV w'
H: a = InjRV (v, #ℓ)

((∂ Let K₂ .in y ./ ∂ a .at (ϱ .{[ K₁ ++ [(x, (op, a, b))]]})) +ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))) =ᵣ (∂ Let (x, (op, a, b)) :: K₂ .in y ./ ∂ a .at (ϱ .{[ K₁]}))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
d: val
Hab: a ≠ b
w': val
Hb: b = InjLV w'
H: a = InjRV (v, #ℓ)

((∂ Let K₂ .in y ./ ∂ a .at (ϱ .{[ K₁ ++ [(x, (op, a, b))]]})) +ᵣ (if op thenLet K₂ .in y ./ ∂ x .at (ϱ .{[ K₁ ++ [(x, (op, a, b))]]}) else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at (ϱ .{[ K₁ ++ [(x, (op, a, b))]]})))) =ᵣ (∂ Let (x, (op, a, b)) :: K₂ .in y ./ ∂ a .at (ϱ .{[ K₁]}))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
d: val
Hab: a ≠ b
w': val
Hb: b = InjLV w'
H: a = InjRV (v, #ℓ)

((∂ Let K₂ .in y ./ ∂ a .at (ϱ .{[ K₁ ++ [(x, (op, a, b))]]})) +ᵣ (if op thenLet K₂ .in y ./ ∂ x .at (ϱ .{[ K₁ ++ [(x, (op, a, b))]]}) else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at (ϱ .{[ K₁ ++ [(x, (op, a, b))]]})))) =ᵣ ((∂ Let K₂ .in y ./ ∂ a .at ((ϱ .{[ K₁]}) .{[ x := denote op ((ϱ .{[ K₁]}) a) ((ϱ .{[ K₁]}) b)]})) +ᵣ (∂ Let K₂ .in y ./ ∂ x .at ((ϱ .{[ K₁]}) .{[ x := denote op ((ϱ .{[ K₁]}) a) ((ϱ .{[ K₁]}) b)]})) ×ᵣ (∂ Node val op (Leaf val a) (Leaf val b) ./ ∂ a .at (ϱ .{[ K₁]})))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
d: val
Hab: a ≠ b
w': val
Hb: b = InjLV w'
H: a = InjRV (v, #ℓ)

((∂ Let K₂ .in y ./ ∂ a .at ((ϱ .{[ K₁]}) .{[ x := denote op ((ϱ .{[ K₁]}) a) ((ϱ .{[ K₁]}) b)]})) +ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ((ϱ .{[ K₁]}) .{[ x := denote op ((ϱ .{[ K₁]}) a) ((ϱ .{[ K₁]}) b)]}) else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ((ϱ .{[ K₁]}) .{[ x := denote op ((ϱ .{[ K₁]}) a) ((ϱ .{[ K₁]}) b)]})))) =ᵣ ((∂ Let K₂ .in y ./ ∂ a .at ((ϱ .{[ K₁]}) .{[ x := denote op ((ϱ .{[ K₁]}) a) ((ϱ .{[ K₁]}) b)]})) +ᵣ (∂ Let K₂ .in y ./ ∂ x .at ((ϱ .{[ K₁]}) .{[ x := denote op ((ϱ .{[ K₁]}) a) ((ϱ .{[ K₁]}) b)]})) ×ᵣ match op with | Add => (if decide (a = a) then Iᵣ else Oᵣ) +ᵣ (if decide (a = b) then Iᵣ else Oᵣ) | Mul => (if decide (a = a) then Iᵣ else Oᵣ) ×ᵣ (ϱ .{[ K₁]}) b +ᵣ (ϱ .{[ K₁]}) a ×ᵣ (if decide (a = b) then Iᵣ else Oᵣ) end)
destruct op; try ( rewrite decide_True; [|done]; rewrite decide_False; [|done]); ring.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
d: val
Hab: a ≠ b
v': val
ℓ': loc
Hb: b = InjRV (v', #ℓ')

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d (s +ᵣ da) --------------------------------------□ "Hℓ" : ℓ ↦ d "Hb" : verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y b --------------------------------------∗ EWP update b ib <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
d: val
Hab: a ≠ b
v': val
ℓ': loc
Hb: b = InjRV (v', #ℓ')

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d (s +ᵣ da) --------------------------------------□ "Hℓ" : ℓ ↦ d "Hb" : verification.mapsto_diff r (K₁ ++ [(x, (op, a, b))]) K₂ y b --------------------------------------∗ EWP update b ib <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
d: val
Hab: a ≠ b
v': val
ℓ': loc
Hb: b = InjRV (v', #ℓ')
d': val
s': R
H: s' =ᵣ (∂ Let K₂ .in y ./ ∂ b .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d (s +ᵣ da) "Hd'" : implements d' s' --------------------------------------□ "Hℓ" : ℓ ↦ d "Hℓ'" : ℓ' ↦ d' --------------------------------------∗ EWP update b ib <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
d: val
Hab: a ≠ b
v': val
ℓ': loc
Hb: b = InjRV (v', #ℓ')
d': val
s': R
Hs': s' =ᵣ (∂ Let K₂ .in y ./ ∂ b .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d (s +ᵣ da) "Hd'" : implements d' s' --------------------------------------□ "Hℓ" : ℓ ↦ d "Hℓ'" : ℓ' ↦ d' --------------------------------------∗ EWP update b ib <| Ψ |> {{ _, verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
d: val
Hab: a ≠ b
v': val
ℓ': loc
Hb: b = InjRV (v', #ℓ')
d': val
s': R
Hs': s' =ᵣ (∂ Let K₂ .in y ./ ∂ b .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d (s +ᵣ da) "Hd'" : implements d' s' --------------------------------------□ "Hℓ" : ℓ ↦ d --------------------------------------∗ v : val, (λ _ : val, d : val, ℓ' ↦ d ∗ implements d (s' +ᵣ db)) v ={⊤}=∗ verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
d: val
Hab: a ≠ b
v': val
ℓ': loc
Hb: b = InjRV (v', #ℓ')
d': val
s': R
Hs': s' =ᵣ (∂ Let K₂ .in y ./ ∂ b .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
w: val

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d (s +ᵣ da) "Hd'" : implements d' s' --------------------------------------□ "Hℓ" : ℓ ↦ d --------------------------------------∗ ( d : val, ℓ' ↦ d ∗ implements d (s' +ᵣ db)) ={⊤}=∗ verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
d: val
Hab: a ≠ b
v': val
ℓ': loc
Hb: b = InjRV (v', #ℓ')
d': val
s': R
Hs': s' =ᵣ (∂ Let K₂ .in y ./ ∂ b .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
w: val

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d (s +ᵣ da) --------------------------------------□ "Hℓ" : ℓ ↦ d --------------------------------------∗ ( d : val, ℓ' ↦ d ∗ implements d (s' +ᵣ db)) ={⊤}=∗ verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
d: val
Hab: a ≠ b
v': val
ℓ': loc
Hb: b = InjRV (v', #ℓ')
s': R
Hs': s' =ᵣ (∂ Let K₂ .in y ./ ∂ b .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
w: val

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d (s +ᵣ da) --------------------------------------□ "Hℓ" : ℓ ↦ d --------------------------------------∗ ( d : val, ℓ' ↦ d ∗ implements d (s' +ᵣ db)) ={⊤}=∗ verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
d: val
Hab: a ≠ b
v': val
ℓ': loc
Hb: b = InjRV (v', #ℓ')
s': R
Hs': s' =ᵣ (∂ Let K₂ .in y ./ ∂ b .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
w, d': val

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d (s +ᵣ da) "Hd'" : implements d' (s' +ᵣ db) --------------------------------------□ "Hℓ" : ℓ ↦ d "Hℓ'" : ℓ' ↦ d' --------------------------------------∗ |={⊤}=> verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
a, b, ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ϑ:= ϱ .{[ K₁ ++ [(x, (op, a, b))]]}: val → R
Hxa: x ≠ a
Hxb: x ≠ b
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) b ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) a ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
v: val
: loc
Ha: a = InjRV (v, #ℓ)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ a .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
d: val
Hab: a ≠ b
v': val
ℓ': loc
Hb: b = InjRV (v', #ℓ')
s': R
Hs': s' =ᵣ (∂ Let K₂ .in y ./ ∂ b .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, a, b))]]}))
w, d': val

"Hia" : implements ia da "Hib" : implements ib db "Hd" : implements d (s +ᵣ da) "Hd'" : implements d' (s' +ᵣ db) --------------------------------------□ "Hℓ" : ℓ ↦ d "Hℓ'" : ℓ' ↦ d' --------------------------------------∗ verification.both_mapto_diff r K₁ ((x, (op, a, b)) :: K₂) y a b
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ℓ0: loc
v0: val
Hxa: x ≠ InjRV (v0, #ℓ0)
v': val
ℓ': loc
ϑ:= ϱ .{[ K₁ ++ [(x, (op, InjRV (v0, #ℓ0), InjRV (v', #ℓ')))]]}: val → R
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) (InjRV (v', #ℓ')) ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) (InjRV (v0, #ℓ0)) ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hxb: x ≠ InjRV (v', #ℓ')
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ InjRV (v0, #ℓ0) .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, InjRV (v0, #ℓ0), InjRV (v', #ℓ')))]]}))
d: val
Hab: InjRV (v0, #ℓ0) ≠ InjRV (v', #ℓ')
s': R
Hs': s' =ᵣ (∂ Let K₂ .in y ./ ∂ InjRV (v', #ℓ') .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, InjRV (v0, #ℓ0), InjRV (v', #ℓ')))]]}))
w, d': val

((∂ Let K₂ .in y ./ ∂ InjRV (v0, #ℓ0) .at ((ϱ .{[ K₁]}) .{[ x := denote op ((ϱ .{[ K₁]}) (InjRV (v0, #ℓ0))) ((ϱ .{[ K₁]}) (InjRV (v', #ℓ')))]})) +ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ((ϱ .{[ K₁]}) .{[ x := denote op ((ϱ .{[ K₁]}) (InjRV (v0, #ℓ0))) ((ϱ .{[ K₁]}) (InjRV (v', #ℓ')))]}) else (ϱ .{[ K₁]}) (InjRV (v', #ℓ')) ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ((ϱ .{[ K₁]}) .{[ x := denote op ((ϱ .{[ K₁]}) (InjRV (v0, #ℓ0))) ((ϱ .{[ K₁]}) (InjRV (v', #ℓ')))]})))) =ᵣ ((∂ Let K₂ .in y ./ ∂ InjRV (v0, #ℓ0) .at ((ϱ .{[ K₁]}) .{[ x := denote op ((ϱ .{[ K₁]}) (InjRV (v0, #ℓ0))) ((ϱ .{[ K₁]}) (InjRV (v', #ℓ')))]})) +ᵣ (∂ Let K₂ .in y ./ ∂ x .at ((ϱ .{[ K₁]}) .{[ x := denote op ((ϱ .{[ K₁]}) (InjRV (v0, #ℓ0))) ((ϱ .{[ K₁]}) (InjRV (v', #ℓ')))]})) ×ᵣ match op with | Add => (if decide (InjRV (v0, #ℓ0) = InjRV (v0, #ℓ0)) then Iᵣ else Oᵣ) +ᵣ (if decide (InjRV (v0, #ℓ0) = InjRV (v', #ℓ')) then Iᵣ else Oᵣ) | Mul => (if decide (InjRV (v0, #ℓ0) = InjRV (v0, #ℓ0)) then Iᵣ else Oᵣ) ×ᵣ (ϱ .{[ K₁]}) (InjRV (v', #ℓ')) +ᵣ (ϱ .{[ K₁]}) (InjRV (v0, #ℓ0)) ×ᵣ (if decide (InjRV (v0, #ℓ0) = InjRV (v', #ℓ')) then Iᵣ else Oᵣ) end)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
v: val
ℓ, ℓ0: loc
v0: val
ϑ:= ϱ .{[ K₁ ++ [(x, (op, InjRV (v, #ℓ), InjRV (v0, #ℓ0)))]]}: val → R
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) (InjRV (v0, #ℓ0)) ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) (InjRV (v, #ℓ)) ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hxa: x ≠ InjRV (v, #ℓ)
Hxb: x ≠ InjRV (v0, #ℓ0)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ InjRV (v, #ℓ) .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, InjRV (v, #ℓ), InjRV (v0, #ℓ0)))]]}))
d: val
Hab: InjRV (v, #ℓ) ≠ InjRV (v0, #ℓ0)
s': R
Hs': s' =ᵣ (∂ Let K₂ .in y ./ ∂ InjRV (v0, #ℓ0) .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, InjRV (v, #ℓ), InjRV (v0, #ℓ0)))]]}))
w, d': val
((∂ Let K₂ .in y ./ ∂ InjRV (v0, #ℓ0) .at ((ϱ .{[ K₁]}) .{[ x := denote op ((ϱ .{[ K₁]}) (InjRV (v, #ℓ))) ((ϱ .{[ K₁]}) (InjRV (v0, #ℓ0)))]})) +ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ((ϱ .{[ K₁]}) .{[ x := denote op ((ϱ .{[ K₁]}) (InjRV (v, #ℓ))) ((ϱ .{[ K₁]}) (InjRV (v0, #ℓ0)))]}) else (ϱ .{[ K₁]}) (InjRV (v, #ℓ)) ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ((ϱ .{[ K₁]}) .{[ x := denote op ((ϱ .{[ K₁]}) (InjRV (v, #ℓ))) ((ϱ .{[ K₁]}) (InjRV (v0, #ℓ0)))]})))) =ᵣ ((∂ Let K₂ .in y ./ ∂ InjRV (v0, #ℓ0) .at ((ϱ .{[ K₁]}) .{[ x := denote op ((ϱ .{[ K₁]}) (InjRV (v, #ℓ))) ((ϱ .{[ K₁]}) (InjRV (v0, #ℓ0)))]})) +ᵣ (∂ Let K₂ .in y ./ ∂ x .at ((ϱ .{[ K₁]}) .{[ x := denote op ((ϱ .{[ K₁]}) (InjRV (v, #ℓ))) ((ϱ .{[ K₁]}) (InjRV (v0, #ℓ0)))]})) ×ᵣ match op with | Add => (if decide (InjRV (v0, #ℓ0) = InjRV (v, #ℓ)) then Iᵣ else Oᵣ) +ᵣ (if decide (InjRV (v0, #ℓ0) = InjRV (v0, #ℓ0)) then Iᵣ else Oᵣ) | Mul => (if decide (InjRV (v0, #ℓ0) = InjRV (v, #ℓ)) then Iᵣ else Oᵣ) ×ᵣ (ϱ .{[ K₁]}) (InjRV (v0, #ℓ0)) +ᵣ (ϱ .{[ K₁]}) (InjRV (v, #ℓ)) ×ᵣ (if decide (InjRV (v0, #ℓ0) = InjRV (v0, #ℓ0)) then Iᵣ else Oᵣ) end)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
ℓ0: loc
v0: val
Hxa: x ≠ InjRV (v0, #ℓ0)
v': val
ℓ': loc
ϑ:= ϱ .{[ K₁ ++ [(x, (op, InjRV (v0, #ℓ0), InjRV (v', #ℓ')))]]}: val → R
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) (InjRV (v', #ℓ')) ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) (InjRV (v0, #ℓ0)) ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hxb: x ≠ InjRV (v', #ℓ')
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ InjRV (v0, #ℓ0) .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, InjRV (v0, #ℓ0), InjRV (v', #ℓ')))]]}))
d: val
Hab: InjRV (v0, #ℓ0) ≠ InjRV (v', #ℓ')
s': R
Hs': s' =ᵣ (∂ Let K₂ .in y ./ ∂ InjRV (v', #ℓ') .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, InjRV (v0, #ℓ0), InjRV (v', #ℓ')))]]}))
w, d': val

((∂ Let K₂ .in y ./ ∂ InjRV (v0, #ℓ0) .at ((ϱ .{[ K₁]}) .{[ x := denote op ((ϱ .{[ K₁]}) (InjRV (v0, #ℓ0))) ((ϱ .{[ K₁]}) (InjRV (v', #ℓ')))]})) +ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ((ϱ .{[ K₁]}) .{[ x := denote op ((ϱ .{[ K₁]}) (InjRV (v0, #ℓ0))) ((ϱ .{[ K₁]}) (InjRV (v', #ℓ')))]}) else (ϱ .{[ K₁]}) (InjRV (v', #ℓ')) ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ((ϱ .{[ K₁]}) .{[ x := denote op ((ϱ .{[ K₁]}) (InjRV (v0, #ℓ0))) ((ϱ .{[ K₁]}) (InjRV (v', #ℓ')))]})))) =ᵣ ((∂ Let K₂ .in y ./ ∂ InjRV (v0, #ℓ0) .at ((ϱ .{[ K₁]}) .{[ x := denote op ((ϱ .{[ K₁]}) (InjRV (v0, #ℓ0))) ((ϱ .{[ K₁]}) (InjRV (v', #ℓ')))]})) +ᵣ (∂ Let K₂ .in y ./ ∂ x .at ((ϱ .{[ K₁]}) .{[ x := denote op ((ϱ .{[ K₁]}) (InjRV (v0, #ℓ0))) ((ϱ .{[ K₁]}) (InjRV (v', #ℓ')))]})) ×ᵣ match op with | Add => (if decide (InjRV (v0, #ℓ0) = InjRV (v0, #ℓ0)) then Iᵣ else Oᵣ) +ᵣ (if decide (InjRV (v0, #ℓ0) = InjRV (v', #ℓ')) then Iᵣ else Oᵣ) | Mul => (if decide (InjRV (v0, #ℓ0) = InjRV (v0, #ℓ0)) then Iᵣ else Oᵣ) ×ᵣ (ϱ .{[ K₁]}) (InjRV (v', #ℓ')) +ᵣ (ϱ .{[ K₁]}) (InjRV (v0, #ℓ0)) ×ᵣ (if decide (InjRV (v0, #ℓ0) = InjRV (v', #ℓ')) then Iᵣ else Oᵣ) end)
destruct op; try ( rewrite decide_True; [|done]; rewrite decide_False; [|done]); ring.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: list (val * (Binop * val * val))
K₂: context
y, x: val
op: Binop
ia, ib: val
da, db: R
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
v: val
ℓ, ℓ0: loc
v0: val
ϑ:= ϱ .{[ K₁ ++ [(x, (op, InjRV (v, #ℓ), InjRV (v0, #ℓ0)))]]}: val → R
Hda: da =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) (InjRV (v0, #ℓ0)) ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hdb: db =ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ϑ else (ϱ .{[ K₁]}) (InjRV (v, #ℓ)) ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ϑ))
Hxa: x ≠ InjRV (v, #ℓ)
Hxb: x ≠ InjRV (v0, #ℓ0)
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ InjRV (v, #ℓ) .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, InjRV (v, #ℓ), InjRV (v0, #ℓ0)))]]}))
d: val
Hab: InjRV (v, #ℓ) ≠ InjRV (v0, #ℓ0)
s': R
Hs': s' =ᵣ (∂ Let K₂ .in y ./ ∂ InjRV (v0, #ℓ0) .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(x, (op, InjRV (v, #ℓ), InjRV (v0, #ℓ0)))]]}))
w, d': val

((∂ Let K₂ .in y ./ ∂ InjRV (v0, #ℓ0) .at ((ϱ .{[ K₁]}) .{[ x := denote op ((ϱ .{[ K₁]}) (InjRV (v, #ℓ))) ((ϱ .{[ K₁]}) (InjRV (v0, #ℓ0)))]})) +ᵣ (if op thenLet K₂ .in y ./ ∂ x .at ((ϱ .{[ K₁]}) .{[ x := denote op ((ϱ .{[ K₁]}) (InjRV (v, #ℓ))) ((ϱ .{[ K₁]}) (InjRV (v0, #ℓ0)))]}) else (ϱ .{[ K₁]}) (InjRV (v, #ℓ)) ×ᵣ (∂ Let K₂ .in y ./ ∂ x .at ((ϱ .{[ K₁]}) .{[ x := denote op ((ϱ .{[ K₁]}) (InjRV (v, #ℓ))) ((ϱ .{[ K₁]}) (InjRV (v0, #ℓ0)))]})))) =ᵣ ((∂ Let K₂ .in y ./ ∂ InjRV (v0, #ℓ0) .at ((ϱ .{[ K₁]}) .{[ x := denote op ((ϱ .{[ K₁]}) (InjRV (v, #ℓ))) ((ϱ .{[ K₁]}) (InjRV (v0, #ℓ0)))]})) +ᵣ (∂ Let K₂ .in y ./ ∂ x .at ((ϱ .{[ K₁]}) .{[ x := denote op ((ϱ .{[ K₁]}) (InjRV (v, #ℓ))) ((ϱ .{[ K₁]}) (InjRV (v0, #ℓ0)))]})) ×ᵣ match op with | Add => (if decide (InjRV (v0, #ℓ0) = InjRV (v, #ℓ)) then Iᵣ else Oᵣ) +ᵣ (if decide (InjRV (v0, #ℓ0) = InjRV (v0, #ℓ0)) then Iᵣ else Oᵣ) | Mul => (if decide (InjRV (v0, #ℓ0) = InjRV (v, #ℓ)) then Iᵣ else Oᵣ) ×ᵣ (ϱ .{[ K₁]}) (InjRV (v0, #ℓ0)) +ᵣ (ϱ .{[ K₁]}) (InjRV (v, #ℓ)) ×ᵣ (if decide (InjRV (v0, #ℓ0) = InjRV (v0, #ℓ0)) then Iᵣ else Oᵣ) end)
destruct op; try ( rewrite decide_False; [|done]; rewrite decide_True; [|done]); ring. } } } Qed. End update_twice_spec.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: context
f: val

EWP f (InjRV (nᵣ, #ℓₓ)) <| verification.AD γ ℓₓ nᵣ |> {{ y, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝ }} -∗ verification.forward_inv γ ℓₓ r nᵣ K₁ -∗ EWP handle f (InjRV (nᵣ, #ℓₓ)) <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: context
f: val

EWP f (InjRV (nᵣ, #ℓₓ)) <| verification.AD γ ℓₓ nᵣ |> {{ y, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝ }} -∗ verification.forward_inv γ ℓₓ r nᵣ K₁ -∗ EWP handle f (InjRV (nᵣ, #ℓₓ)) <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: context
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R

EWP f (InjRV (nᵣ, #ℓₓ)) <| verification.AD γ ℓₓ nᵣ |> {{ y, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝ }} -∗ verification.forward_inv γ ℓₓ r nᵣ K₁ -∗ EWP handle f (InjRV (nᵣ, #ℓₓ)) <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: context
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R

"Hf" : EWP f (InjRV (nᵣ, #ℓₓ)) <| verification.AD γ ℓₓ nᵣ |> {{ y, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝ }} "Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ --------------------------------------∗ EWP handle f (InjRV (nᵣ, #ℓₓ)) <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: context
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R

"Hf" : EWP f (InjRV (nᵣ, #ℓₓ)) <| verification.AD γ ℓₓ nᵣ |> {{ y, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝ }} "Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ --------------------------------------∗ EWP (λ: "f" "seed", deep_try_with (λ: <>, "f" "seed") (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end) (λ: "res", update "res" none))%V f (InjRV (nᵣ, #ℓₓ)) <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: context
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R

"Hf" : EWP f (InjRV (nᵣ, #ℓₓ)) <| verification.AD γ ℓₓ nᵣ |> {{ y, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝ }} "Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ --------------------------------------∗ EWP deep_try_with (λ: <>, f (InjRV (nᵣ, #ℓₓ))) (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
K₁: context
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R

"Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ --------------------------------------∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context

"IH" : ▷ ( a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y)) --------------------------------------□ "Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ --------------------------------------∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context

"IH" : ▷ ( a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y)) --------------------------------------□ "Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ --------------------------------------∗ deep_handler_pre deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context

"IH" : ▷ ( a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y)) --------------------------------------□ "Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ --------------------------------------∗ shallow_handler.shallow_return_handler ⊤ (λ: "res", update "res" none)%V Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
"IH" : ▷ ( a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜ e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y)) --------------------------------------□ "Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ --------------------------------------∗ v k : val, protocol_agreement v (verification.AD γ ℓₓ nᵣ) (λ w : val, (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k w <| Ψ'' |> {{ v, Φ'' v }}) -∗ ▷ EWP (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V v k <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
(* Return branch. *)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context

"IH" : ▷ ( a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y)) --------------------------------------□ "Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ --------------------------------------∗ shallow_handler.shallow_return_handler ⊤ (λ: "res", update "res" none)%V Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context

"Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ --------------------------------------∗ shallow_handler.shallow_return_handler ⊤ (λ: "res", update "res" none)%V Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
y: val

"Hy" : s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝ --------------------------------------□ "Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ --------------------------------------∗ ▷ EWP (λ: "res", update "res" none)%V y <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
y: val

"Hy" : s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝ --------------------------------------□ "Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ --------------------------------------∗ EWP (λ: "res", update "res" none)%V y <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
y: val
s: Expr ()
H: e =ₑ s

"Hs" : verification.represents γ ℓₓ nᵣ y s --------------------------------------□ "Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ --------------------------------------∗ EWP (λ: "res", update "res" none)%V y <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
y: val
s: Expr ()
He: e =ₑ s

"Hs" : verification.represents γ ℓₓ nᵣ y s --------------------------------------□ "Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ --------------------------------------∗ EWP (λ: "res", update "res" none)%V y <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
y: val
s: Expr ()
He: e =ₑ s

"Hs" : verification.represents γ ℓₓ nᵣ y s --------------------------------------□ "Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ --------------------------------------∗ EWP update y none <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
y: val
s: Expr ()
He: e =ₑ s

"Hs" : verification.represents γ ℓₓ nᵣ y s --------------------------------------□ v : val, (λ _ : val, verification.backward_inv ℓₓ r nᵣ e K₁ [] y) v ={⊤}=∗ (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y
by eauto.
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context

"IH" : ▷ ( a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y)) --------------------------------------□ "Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ --------------------------------------∗ v k : val, protocol_agreement v (verification.AD γ ℓₓ nᵣ) (λ w : val, (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k w <| Ψ'' |> {{ v, Φ'' v }}) -∗ ▷ EWP (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V v k <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
(* Effect branch. *)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context

"IH" : ▷ ( a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y)) --------------------------------------□ "Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ --------------------------------------∗ v k : val, protocol_agreement v (verification.AD γ ℓₓ nᵣ) (λ w : val, (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k w <| Ψ'' |> {{ v, Φ'' v }}) -∗ ▷ EWP (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V v k <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
args, k: val

"IH" : ▷ ( a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y)) --------------------------------------□ "Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ "Hprot" : protocol_agreement args (verification.AD γ ℓₓ nᵣ) (λ w : val, (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k w <| Ψ'' |> {{ v, Φ'' v }}) --------------------------------------∗ ▷ EWP (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V args k <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
args, k: val

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) --------------------------------------□ "Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ "Hprot" : protocol_agreement args (verification.AD γ ℓₓ nᵣ) (λ w : val, (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k w <| Ψ'' |> {{ v, Φ'' v }}) --------------------------------------∗ EWP (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V args k <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
args, k: val

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) --------------------------------------□ "Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ "Hprot" : protocol_agreement args (verification.AD γ ℓₓ nᵣ) (λ w : val, (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k w <| Ψ'' |> {{ v, Φ'' v }}) --------------------------------------∗ EWP let: "op" := Fst args in let: "a" := Fst (Snd args) in let: "b" := Snd (Snd args) in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in k "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in k "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
args, k: val

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) --------------------------------------□ "Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ "Hprot" : (op : Binop) (a b : val) (el er : Expr ()), ⌜args = verification.args op a b⌝ ∗ (verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) ∗ ( x : val, verification.represents γ ℓₓ nᵣ x (Node () op el er) -∗ (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in ...;; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k x <| Ψ'' |> {{ v, Φ'' v }}) --------------------------------------∗ EWP let: "op" := Fst args in let: "a" := Fst (Snd args) in let: "b" := Snd (Snd args) in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in k "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in k "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k: val
op: Binop
a, b: val
el, er: Expr ()

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er --------------------------------------□ "Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ "Hk" : x : val, verification.represents γ ℓₓ nᵣ x (Node () op el er) -∗ (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k x <| Ψ'' |> {{ v, Φ'' v }} --------------------------------------∗ EWP let: "op" := Fst (args op a b) in let: "a" := Fst (Snd (args op a b)) in let: "b" := Snd (Snd (args op a b)) in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in k "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in k "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k: val
op: Binop
a, b: val
el, er: Expr ()

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er --------------------------------------□ "Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ "Hk" : x : val, verification.represents γ ℓₓ nᵣ x (Node () op el er) -∗ (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k x <| Ψ'' |> {{ v, Φ'' v }} --------------------------------------∗ EWP let: "op" := Fst (to_val op, (a, b))%V in let: "a" := Fst (Snd (to_val op, (a, b))%V) in let: "b" := Snd (Snd (to_val op, (a, b))%V) in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in k "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in k "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k: val
op: Binop
a, b: val
el, er: Expr ()

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er --------------------------------------□ "Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ "Hk" : x : val, ( a b : val, is_entry γ x (op, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) -∗ (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k x <| Ψ'' |> {{ v, Φ'' v }} --------------------------------------∗ EWP let: "av" := get_val a in let: "bv" := get_val b in match: to_val op with InjL <> => let: "x" := create (nadd "av" "bv") in k "x";; let: "xd" := get_diff "x" in update a "xd";; update b "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in k "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update a "ad";; update b "bd" end <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k: val
op: Binop
a, b: val
el, er: Expr ()

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er --------------------------------------□ "Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ "Hk" : x : val, ( a b : val, is_entry γ x (op, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) -∗ (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k x <| Ψ'' |> {{ v, Φ'' v }} --------------------------------------∗ EWP get_val a <| Ψ |> {{ v, EWP fill_item (AppRCtx (λ: "av", let: "bv" := get_val b in match: to_val op with InjL <> => let: "x" := create (nadd "av" "bv") in k "x";; let: "xd" := get_diff "x" in update a "xd";; update b "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in k "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update a "ad";; update b "bd" end)) v <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }} }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k: val
op: Binop
a, b: val
el, er: Expr ()

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er --------------------------------------□ "Hk" : x : val, ( a b : val, is_entry γ x (op, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) -∗ (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k x <| Ψ'' |> {{ v, Φ'' v }} --------------------------------------∗ v : val, (λ v0 : val, verification.forward_inv γ ℓₓ r nᵣ K₁ ∗ implements v0 (((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁]}) a)) v ={⊤}=∗ EWP fill_item (AppRCtx (λ: "av", let: "bv" := get_val b in match: to_val op with InjL <> => let: "x" := create (nadd "av" "bv") in k "x";; let: "xd" := get_diff "x" in update a "xd";; update b "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in k "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update a "ad";; update b "bd" end)) v <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k: val
op: Binop
a, b: val
el, er: Expr ()

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er --------------------------------------□ "Hk" : x : val, ( a b : val, is_entry γ x (op, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) -∗ (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k x <| Ψ'' |> {{ v, Φ'' v }} --------------------------------------∗ v : val, (λ v0 : val, verification.forward_inv γ ℓₓ r nᵣ K₁ ∗ implements v0 ((ϱ .{[ K₁]}) a)) v ={⊤}=∗ EWP fill_item (AppRCtx (λ: "av", let: "bv" := get_val b in match: to_val op with InjL <> => let: "x" := create (nadd "av" "bv") in k "x";; let: "xd" := get_diff "x" in update a "xd";; update b "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in k "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update a "ad";; update b "bd" end)) v <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k: val
op: Binop
a, b: val
el, er: Expr ()
av: val

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) --------------------------------------□ "Hk" : x : val, ( a b : val, is_entry γ x (op, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) -∗ (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k x <| Ψ'' |> {{ v, Φ'' v }} "Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ --------------------------------------∗ |={⊤}=> EWP fill_item (AppRCtx (λ: "av", let: "bv" := get_val b in match: to_val op with InjL <> => let: "x" := create (nadd "av" "bv") in k "x";; let: "xd" := get_diff "x" in update a "xd";; update b "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in k "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update a "ad";; update b "bd" end)) av <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k: val
op: Binop
a, b: val
el, er: Expr ()
av: val

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) --------------------------------------□ "Hk" : x : val, ( a b : val, is_entry γ x (op, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) -∗ (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k x <| Ψ'' |> {{ v, Φ'' v }} "Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ --------------------------------------∗ EWP fill_item (AppRCtx (λ: "av", let: "bv" := get_val b in match: to_val op with InjL <> => let: "x" := create (nadd "av" "bv") in k "x";; let: "xd" := get_diff "x" in update a "xd";; update b "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in k "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update a "ad";; update b "bd" end)) av <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k: val
op: Binop
a, b: val
el, er: Expr ()
av: val

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) --------------------------------------□ "Hk" : x : val, ( a b : val, is_entry γ x (op, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) -∗ (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k x <| Ψ'' |> {{ v, Φ'' v }} "Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ --------------------------------------∗ EWP let: "av" := av in let: "bv" := get_val b in match: to_val op with InjL <> => let: "x" := create (nadd "av" "bv") in k "x";; let: "xd" := get_diff "x" in update a "xd";; update b "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in k "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update a "ad";; update b "bd" end <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k: val
op: Binop
a, b: val
el, er: Expr ()
av: val

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) --------------------------------------□ "Hk" : x : val, ( a b : val, is_entry γ x (op, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) -∗ (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k x <| Ψ'' |> {{ v, Φ'' v }} "Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ --------------------------------------∗ EWP let: "bv" := get_val b in match: to_val op with InjL <> => let: "x" := create (nadd av "bv") in k "x";; let: "xd" := get_diff "x" in update a "xd";; update b "xd" | InjR <> => let: "x" := create (nmul av "bv") in k "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul av "xd" in update a "ad";; update b "bd" end <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k: val
op: Binop
a, b: val
el, er: Expr ()
av: val

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) --------------------------------------□ "Hk" : x : val, ( a b : val, is_entry γ x (op, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) -∗ (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k x <| Ψ'' |> {{ v, Φ'' v }} "Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ --------------------------------------∗ EWP get_val b <| Ψ |> {{ v, EWP fill_item (AppRCtx (λ: "bv", match: to_val op with InjL <> => let: "x" := create (nadd av "bv") in k "x";; let: "xd" := get_diff "x" in update a "xd";; update b "xd" | InjR <> => let: "x" := create (nmul av "bv") in k "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul av "xd" in update a "ad";; update b "bd" end)) v <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }} }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k: val
op: Binop
a, b: val
el, er: Expr ()
av: val

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) --------------------------------------□ "Hk" : x : val, ( a b : val, is_entry γ x (op, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) -∗ (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k x <| Ψ'' |> {{ v, Φ'' v }} --------------------------------------∗ v : val, (λ v0 : val, verification.forward_inv γ ℓₓ r nᵣ K₁ ∗ implements v0 (((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁]}) b)) v ={⊤}=∗ EWP fill_item (AppRCtx (λ: "bv", match: to_val op with InjL <> => let: "x" := create (nadd av "bv") in k "x";; let: "xd" := get_diff "x" in update a "xd";; update b "xd" | InjR <> => let: "x" := create (nmul av "bv") in k "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul av "xd" in update a "ad";; update b "bd" end)) v <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k: val
op: Binop
a, b: val
el, er: Expr ()
av: val

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) --------------------------------------□ "Hk" : x : val, ( a b : val, is_entry γ x (op, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) -∗ (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k x <| Ψ'' |> {{ v, Φ'' v }} --------------------------------------∗ v : val, (λ v0 : val, verification.forward_inv γ ℓₓ r nᵣ K₁ ∗ implements v0 ((ϱ .{[ K₁]}) b)) v ={⊤}=∗ EWP fill_item (AppRCtx (λ: "bv", match: to_val op with InjL <> => let: "x" := create (nadd av "bv") in k "x";; let: "xd" := get_diff "x" in update a "xd";; update b "xd" | InjR <> => let: "x" := create (nmul av "bv") in k "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul av "xd" in update a "ad";; update b "bd" end)) v <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k: val
op: Binop
a, b: val
el, er: Expr ()
av, bv: val

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) --------------------------------------□ "Hk" : x : val, ( a b : val, is_entry γ x (op, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) -∗ (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k x <| Ψ'' |> {{ v, Φ'' v }} "Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ --------------------------------------∗ |={⊤}=> EWP fill_item (AppRCtx (λ: "bv", match: to_val op with InjL <> => let: "x" := create (nadd av "bv") in k "x";; let: "xd" := get_diff "x" in update a "xd";; update b "xd" | InjR <> => let: "x" := create (nmul av "bv") in k "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul av "xd" in update a "ad";; update b "bd" end)) bv <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k: val
op: Binop
a, b: val
el, er: Expr ()
av, bv: val

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) --------------------------------------□ "Hk" : x : val, ( a b : val, is_entry γ x (op, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) -∗ (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k x <| Ψ'' |> {{ v, Φ'' v }} "Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ --------------------------------------∗ EWP fill_item (AppRCtx (λ: "bv", match: to_val op with InjL <> => let: "x" := create (nadd av "bv") in k "x";; let: "xd" := get_diff "x" in update a "xd";; update b "xd" | InjR <> => let: "x" := create (nmul av "bv") in k "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul av "xd" in update a "ad";; update b "bd" end)) bv <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k: val
op: Binop
a, b: val
el, er: Expr ()
av, bv: val

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) --------------------------------------□ "Hk" : x : val, ( a b : val, is_entry γ x (op, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) -∗ (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k x <| Ψ'' |> {{ v, Φ'' v }} "Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ --------------------------------------∗ EWP let: "bv" := bv in match: to_val op with InjL <> => let: "x" := create (nadd av "bv") in k "x";; let: "xd" := get_diff "x" in update a "xd";; update b "xd" | InjR <> => let: "x" := create (nmul av "bv") in k "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul av "xd" in update a "ad";; update b "bd" end <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k: val
op: Binop
a, b: val
el, er: Expr ()
av, bv: val

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) --------------------------------------□ "Hk" : x : val, ( a b : val, is_entry γ x (op, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) -∗ (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k x <| Ψ'' |> {{ v, Φ'' v }} "Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ --------------------------------------∗ EWP match: to_val op with InjL <> => let: "x" := create (nadd av bv) in k "x";; let: "xd" := get_diff "x" in update a "xd";; update b "xd" | InjR <> => let: "x" := create (nmul av bv) in k "x";; let: "xd" := get_diff "x" in let: "ad" := nmul bv "xd" in let: "bd" := nmul av "xd" in update a "ad";; update b "bd" end <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k: val
op: Binop
a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) --------------------------------------□ "Hk" : x : val, ( a b : val, is_entry γ x (op, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) -∗ (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k x <| Ψ'' |> {{ v, Φ'' v }} "Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ --------------------------------------∗ EWP match: to_val op with InjL <> => let: "x" := create (nadd av bv) in k "x";; let: "xd" := get_diff "x" in update a "xd";; update b "xd" | InjR <> => let: "x" := create (nmul av bv) in k "x";; let: "xd" := get_diff "x" in let: "ad" := nmul bv "xd" in let: "bd" := nmul av "xd" in update a "ad";; update b "bd" end <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k: val
op: Binop
a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) --------------------------------------□ "Hk" : x : val, ( a b : val, is_entry γ x (op, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) -∗ (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k x <| Ψ'' |> {{ v, Φ'' v }} "Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ --------------------------------------∗ EWP match: to_val op with InjL <> => let: "x" := create (nadd av bv) in k "x";; let: "xd" := get_diff "x" in update a "xd";; update b "xd" | InjR <> => let: "x" := create (nmul av bv) in k "x";; let: "xd" := get_diff "x" in let: "ad" := nmul bv "xd" in let: "bd" := nmul av "xd" in update a "ad";; update b "bd" end <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k: val
op: Binop
a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) --------------------------------------□ "Hk" : x : val, ( a b : val, is_entry γ x (op, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) -∗ (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k x <| Ψ'' |> {{ v, Φ'' v }} "Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ --------------------------------------∗ EWP match: to_val op with InjL <> => let: "x" := create (nadd av bv) in k "x";; let: "xd" := get_diff "x" in update a "xd";; update b "xd" | InjR <> => let: "x" := create (nmul av bv) in k "x";; let: "xd" := get_diff "x" in let: "ad" := nmul bv "xd" in let: "bd" := nmul av "xd" in update a "ad";; update b "bd" end <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k: val
op: Binop
a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) --------------------------------------□ "Hk" : x : val, ( a b : val, is_entry γ x (op, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) -∗ (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k x <| Ψ'' |> {{ v, Φ'' v }} "Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ --------------------------------------∗ EWP match: to_val op with InjL <> => let: "x" := create (nadd av bv) in k "x";; let: "xd" := get_diff "x" in update a "xd";; update b "xd" | InjR <> => let: "x" := create (nmul av bv) in k "x";; let: "xd" := get_diff "x" in let: "ad" := nmul bv "xd" in let: "bd" := nmul av "xd" in update a "ad";; update b "bd" end <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) --------------------------------------□ "Hk" : x : val, ( a b : val, is_entry γ x (Add, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) -∗ (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k x <| Ψ'' |> {{ v, Φ'' v }} "Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ --------------------------------------∗ EWP match: to_val Add with InjL <> => let: "x" := create (nadd av bv) in k "x";; let: "xd" := get_diff "x" in update a "xd";; update b "xd" | InjR <> => let: "x" := create (nmul av bv) in k "x";; let: "xd" := get_diff "x" in let: "ad" := nmul bv "xd" in let: "bd" := nmul av "xd" in update a "ad";; update b "bd" end <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) --------------------------------------□ "Hk" : x : val, ( a b : val, is_entry γ x (Mul, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) -∗ (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜ e =ₑ s⌝) Φ'' -∗ EWP k x <| Ψ'' |> {{ v, Φ'' v }} "Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ --------------------------------------∗ EWP match: to_val Mul with InjL <> => let: "x" := create (nadd av bv) in k "x";; let: "xd" := get_diff "x" in update a "xd";; update b "xd" | InjR <> => let: "x" := create (nmul av bv) in k "x";; let: "xd" := get_diff "x" in let: "ad" := nmul bv "xd" in let: "bd" := nmul av "xd" in update a "ad";; update b "bd" end <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
(* Add. *)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) --------------------------------------□ "Hk" : x : val, ( a b : val, is_entry γ x (Add, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) -∗ (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k x <| Ψ'' |> {{ v, Φ'' v }} "Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ --------------------------------------∗ EWP match: to_val Add with InjL <> => let: "x" := create (nadd av bv) in k "x";; let: "xd" := get_diff "x" in update a "xd";; update b "xd" | InjR <> => let: "x" := create (nmul av bv) in k "x";; let: "xd" := get_diff "x" in let: "ad" := nmul bv "xd" in let: "bd" := nmul av "xd" in update a "ad";; update b "bd" end <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) --------------------------------------□ "Hk" : x : val, ( a b : val, is_entry γ x (Add, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) -∗ (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k x <| Ψ'' |> {{ v, Φ'' v }} "Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ --------------------------------------∗ EWP let: "x" := create (nadd av bv) in k "x";; let: "xd" := get_diff "x" in update a "xd";; update b "xd" <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) --------------------------------------□ "Hk" : x : val, ( a b : val, is_entry γ x (Add, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) -∗ (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k x <| Ψ'' |> {{ v, Φ'' v }} "Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ --------------------------------------∗ EWP create (nadd av bv) <| Ψ |> {{ v, EWP fill_item (AppRCtx (λ: "x", k "x";; let: "xd" := get_diff "x" in update a "xd";; update b "xd")) v <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }} }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) --------------------------------------□ "Hk" : x : val, ( a b : val, is_entry γ x (Add, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) -∗ (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k x <| Ψ'' |> {{ v, Φ'' v }} "Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ --------------------------------------∗ EWP nadd av bv <| Ψ |> {{ v, EWP fill_item (AppRCtx create) v <| Ψ |> {{ v0, EWP fill_item (AppRCtx (λ: "x", k "x";; let: "xd" := get_diff "x" in update a "xd";; update b "xd")) v0 <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }} }} }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) --------------------------------------□ "Hk" : x : val, ( a b : val, is_entry γ x (Add, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) -∗ (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k x <| Ψ'' |> {{ v, Φ'' v }} "Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ --------------------------------------∗ v : val, (λ x : val, implements x ((ϱ .{[ K₁]}) a +ᵣ (ϱ .{[ K₁]}) b)) v ={⊤}=∗ EWP fill_item (AppRCtx create) v <| Ψ |> {{ v0, EWP fill_item (AppRCtx (λ: "x", k "x";; let: "xd" := get_diff "x" in update a "xd";; update b "xd")) v0 <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }} }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) "Hxv" : implements xv ((ϱ .{[ K₁]}) a +ᵣ (ϱ .{[ K₁]}) b) --------------------------------------□ "Hk" : x : val, ( a b : val, is_entry γ x (Add, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) -∗ (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k x <| Ψ'' |> {{ v, Φ'' v }} "Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ --------------------------------------∗ |={⊤}=> EWP fill_item (AppRCtx create) xv <| Ψ |> {{ v, EWP fill_item (AppRCtx (λ: "x", k "x";; let: "xd" := get_diff "x" in update a "xd";; update b "xd")) v <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }} }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) "Hxv" : implements xv ((ϱ .{[ K₁]}) a +ᵣ (ϱ .{[ K₁]}) b) --------------------------------------□ "Hk" : x : val, ( a b : val, is_entry γ x (Add, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) -∗ (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k x <| Ψ'' |> {{ v, Φ'' v }} "Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ --------------------------------------∗ EWP fill_item (AppRCtx create) xv <| Ψ |> {{ v, EWP fill_item (AppRCtx (λ: "x", k "x";; let: "xd" := get_diff "x" in update a "xd";; update b "xd")) v <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }} }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) "Hxv" : implements xv ((ϱ .{[ K₁]}) a +ᵣ (ϱ .{[ K₁]}) b) --------------------------------------□ "Hk" : x : val, ( a b : val, is_entry γ x (Add, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) -∗ (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k x <| Ψ'' |> {{ v, Φ'' v }} "Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ --------------------------------------∗ EWP create xv <| Ψ |> {{ v, EWP let: "x" := v in k "x";; let: "xd" := get_diff "x" in update a "xd";; update b "xd" <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }} }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) "Hxv" : implements xv ((ϱ .{[ K₁]}) a +ᵣ (ϱ .{[ K₁]}) b) --------------------------------------□ "Hk" : x : val, ( a b : val, is_entry γ x (Add, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) -∗ (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k x <| Ψ'' |> {{ v, Φ'' v }} "Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ --------------------------------------∗ v : val, (λ w : val, : loc, ⌜w = InjRV (xv, #ℓ)⌝ ∗ ℓ ↦ nzero) v ={⊤}=∗ EWP let: "x" := v in k "x";; let: "xd" := get_diff "x" in update a "xd";; update b "xd" <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv, x': val

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) "Hxv" : implements xv ((ϱ .{[ K₁]}) a +ᵣ (ϱ .{[ K₁]}) b) --------------------------------------□ "Hk" : x : val, ( a b : val, is_entry γ x (Add, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) -∗ (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k x <| Ψ'' |> {{ v, Φ'' v }} "Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ --------------------------------------∗ ( : loc, ⌜x' = InjRV (xv, #ℓ)⌝ ∗ ℓ ↦ nzero) ={⊤}=∗ EWP let: "x" := x' in k "x";; let: "xd" := get_diff "x" in update a "xd";; update b "xd" <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) "Hxv" : implements xv ((ϱ .{[ K₁]}) a +ᵣ (ϱ .{[ K₁]}) b) --------------------------------------□ "Hk" : x : val, ( a b : val, is_entry γ x (Add, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) -∗ (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k x <| Ψ'' |> {{ v, Φ'' v }} "Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ "Hx" : x ↦ nzero --------------------------------------∗ |={⊤}=> EWP let: "x" := InjRV (xv, #x) in k "x";; let: "xd" := get_diff "x" in update a "xd";; update b "xd" <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) "Hxv" : implements xv ((ϱ .{[ K₁]}) a +ᵣ (ϱ .{[ K₁]}) b) --------------------------------------□ "Hk" : x : val, ( a b : val, is_entry γ x (Add, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) -∗ (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k x <| Ψ'' |> {{ v, Φ'' v }} "Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ "Hx" : x ↦ nzero --------------------------------------∗ |={⊤}=> EWP let: "x" := InjRV (xv, #x) in k "x";; let: "xd" := get_diff "x" in update a "xd";; update b "xd" <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) "Hxv" : implements xv ((ϱ .{[ K₁]}) a +ᵣ (ϱ .{[ K₁]}) b) --------------------------------------□ implements ?Goal0 (((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(InjRV (?Goal0, #x), (Add, a, b))]]}) (InjRV (?Goal0, #x)))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]
"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) "Hxv" : implements xv ((ϱ .{[ K₁]}) a +ᵣ (ϱ .{[ K₁]}) b) "Hx'" : verification.represents γ ℓₓ nᵣ (InjRV (?Goal0, #x)) (el +ₑ er) --------------------------------------□ "Hk" : x : val, ( a b : val, is_entry γ x (Add, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) -∗ (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜ e =ₑ s⌝) Φ'' -∗ EWP k x <| Ψ'' |> {{ v, Φ'' v }} "Hinv" : verification.forward_inv γ ℓₓ r nᵣ (K₁ ++ [(InjRV (?Goal0, #x), (Add, a, b))]) --------------------------------------∗ |={⊤}=> EWP let: "x" := InjRV (xv, #x) in k "x";; let: "xd" := get_diff "x" in update a "xd";; update b "xd" <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) "Hxv" : implements xv ((ϱ .{[ K₁]}) a +ᵣ (ϱ .{[ K₁]}) b) --------------------------------------□ implements ?Goal0 (((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(InjRV (?Goal0, #x), (Add, a, b))]]}) (InjRV (?Goal0, #x)))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) "Hxv" : implements xv ((ϱ .{[ K₁]}) a +ᵣ (ϱ .{[ K₁]}) b) --------------------------------------□ implements ?Goal0 ((ϱ .{[ K₁ ++ [(InjRV (?Goal0, #x), (Add, a, b))]]}) (InjRV (?Goal0, #x)))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) "Hxv" : implements xv ((ϱ .{[ K₁]}) a +ᵣ (ϱ .{[ K₁]}) b) --------------------------------------□ implements ?Goal0 ((ϱ .{[ K₁]}) a +ᵣ (ϱ .{[ K₁]}) b)
by iApply "Hxv".
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) "Hxv" : implements xv ((ϱ .{[ K₁]}) a +ᵣ (ϱ .{[ K₁]}) b) "Hx'" : verification.represents γ ℓₓ nᵣ (InjRV (xv, #x)) (el +ₑ er) --------------------------------------□ "Hk" : x : val, ( a b : val, is_entry γ x (Add, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) -∗ (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k x <| Ψ'' |> {{ v, Φ'' v }} "Hinv" : verification.forward_inv γ ℓₓ r nᵣ (K₁ ++ [(InjRV (xv, #x), (Add, a, b))]) --------------------------------------∗ |={⊤}=> EWP let: "x" := InjRV (xv, #x) in k "x";; let: "xd" := get_diff "x" in update a "xd";; update b "xd" <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) "Hxv" : implements xv ((ϱ .{[ K₁]}) a +ᵣ (ϱ .{[ K₁]}) b) "Hx'" : verification.represents γ ℓₓ nᵣ (InjRV (xv, #x)) (el +ₑ er) --------------------------------------□ "Hk" : x : val, ( a b : val, is_entry γ x (Add, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) -∗ (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k x <| Ψ'' |> {{ v, Φ'' v }} "Hinv" : verification.forward_inv γ ℓₓ r nᵣ (K₁ ++ [(InjRV (xv, #x), (Add, a, b))]) --------------------------------------∗ EWP let: "x" := InjRV (xv, #x) in k "x";; let: "xd" := get_diff "x" in update a "xd";; update b "xd" <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) "Hxv" : implements xv ((ϱ .{[ K₁]}) a +ᵣ (ϱ .{[ K₁]}) b) "Hx'" : a b : val, is_entry γ (InjRV (xv, #x)) (Add, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er --------------------------------------□ "Hk" : x : val, ( a b : val, is_entry γ x (Add, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) -∗ (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k x <| Ψ'' |> {{ v, Φ'' v }} "Hinv" : verification.forward_inv γ ℓₓ r nᵣ (K₁ ++ [(InjRV (xv, #x), (Add, a, b))]) --------------------------------------∗ EWP k (InjRV (xv, #x));; let: "xd" := get_diff (InjRV (xv, #x)) in update a "xd";; update b "xd" <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
(* Continuation call. *)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) "Hxv" : implements xv ((ϱ .{[ K₁]}) a +ᵣ (ϱ .{[ K₁]}) b) "Hx'" : a b : val, is_entry γ (InjRV (xv, #x)) (Add, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er --------------------------------------□ "Hk" : x : val, ( a b : val, is_entry γ x (Add, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) -∗ (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k x <| Ψ'' |> {{ v, Φ'' v }} "Hinv" : verification.forward_inv γ ℓₓ r nᵣ (K₁ ++ [(InjRV (xv, #x), (Add, a, b))]) --------------------------------------∗ EWP k (InjRV (xv, #x)) <| Ψ |> {{ v, EWP fill (ConsCtx (AppRCtx (λ: <>, let: "xd" := get_diff (InjRV (xv, #x)) in update a "xd";; update b "xd")) EmptyCtx) v <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }} }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) "Hxv" : implements xv ((ϱ .{[ K₁]}) a +ᵣ (ϱ .{[ K₁]}) b) "Hx'" : a b : val, is_entry γ (InjRV (xv, #x)) (Add, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er --------------------------------------□ "Hinv" : verification.forward_inv γ ℓₓ r nᵣ (K₁ ++ [(InjRV (xv, #x), (Add, a, b))]) "Hk" : x : val, ( a b : val, is_entry γ x (Add, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) -∗ (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k x <| Ψ'' |> {{ v, Φ'' v }} --------------------------------------∗ EWP k (InjRV (xv, #x)) <| Ψ |> {{ v, ?Goal0 v }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]
"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) "Hxv" : implements xv ((ϱ .{[ K₁]}) a +ᵣ (ϱ .{[ K₁]}) b) "Hx'" : a b : val, is_entry γ (InjRV (xv, #x)) (Add, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er --------------------------------------□ v : val, ?Goal0 v ={⊤}=∗ EWP fill (ConsCtx (AppRCtx (λ: <>, let: "xd" := get_diff (InjRV (xv, #x)) in update a "xd";; update b "xd")) EmptyCtx) v <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) "Hxv" : implements xv ((ϱ .{[ K₁]}) a +ᵣ (ϱ .{[ K₁]}) b) "Hx'" : a b : val, is_entry γ (InjRV (xv, #x)) (Add, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er --------------------------------------□ "Hinv" : verification.forward_inv γ ℓₓ r nᵣ (K₁ ++ [(InjRV (xv, #x), (Add, a, b))]) "Hk" : x : val, ( a b : val, is_entry γ x (Add, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) -∗ (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k x <| Ψ'' |> {{ v, Φ'' v }} --------------------------------------∗ EWP k (InjRV (xv, #x)) <| Ψ |> {{ v, ?Goal0 v }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) "Hxv" : implements xv ((ϱ .{[ K₁]}) a +ᵣ (ϱ .{[ K₁]}) b) "Hx'" : a b : val, is_entry γ (InjRV (xv, #x)) (Add, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er --------------------------------------□ "Hinv" : verification.forward_inv γ ℓₓ r nᵣ (K₁ ++ [(InjRV (xv, #x), (Add, a, b))]) --------------------------------------∗ ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) ?x
by iApply ("IH" with "Hinv").
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) "Hxv" : implements xv ((ϱ .{[ K₁]}) a +ᵣ (ϱ .{[ K₁]}) b) "Hx'" : a b : val, is_entry γ (InjRV (xv, #x)) (Add, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er --------------------------------------□ v : val, (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e (K₁ ++ [(InjRV (xv, #x), (Add, a, b))]) K₂ y) v ={⊤}=∗ EWP fill (ConsCtx (AppRCtx (λ: <>, let: "xd" := get_diff (InjRV (xv, #x)) in update a "xd";; update b "xd")) EmptyCtx) v <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]

--------------------------------------∗ v : val, ( (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e (K₁ ++ [(InjRV (xv, #x), (Add, a, b))]) K₂ y) ={⊤}=∗ EWP fill (ConsCtx (AppRCtx (λ: <>, let: "xd" := get_diff (InjRV (xv, #x)) in update a "xd";; update b "xd")) EmptyCtx) v <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]
w: val

--------------------------------------∗ ( (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e (K₁ ++ [(InjRV (xv, #x), (Add, a, b))]) K₂ y) ={⊤}=∗ EWP fill (ConsCtx (AppRCtx (λ: <>, let: "xd" := get_diff (InjRV (xv, #x)) in update a "xd";; update b "xd")) EmptyCtx) w <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]
w: val
K₂: context
y: val

"Hinv" : verification.backward_inv ℓₓ r nᵣ e (K₁ ++ [(InjRV (xv, #x), (Add, a, b))]) K₂ y --------------------------------------∗ |={⊤}=> EWP fill (ConsCtx (AppRCtx (λ: <>, let: "xd" := get_diff (InjRV (xv, #x)) in update a "xd";; update b "xd")) EmptyCtx) w <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]
w: val
K₂: context
y: val

"Hinv" : verification.backward_inv ℓₓ r nᵣ e (K₁ ++ [(InjRV (xv, #x), (Add, a, b))]) K₂ y --------------------------------------∗ EWP fill (ConsCtx (AppRCtx (λ: <>, let: "xd" := get_diff (InjRV (xv, #x)) in update a "xd";; update b "xd")) EmptyCtx) w <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]
w: val
K₂: context
y: val

"Hinv" : verification.backward_inv ℓₓ r nᵣ e (K₁ ++ [(InjRV (xv, #x), (Add, a, b))]) K₂ y --------------------------------------∗ EWP w;; let: "xd" := get_diff (InjRV (xv, #x)) in update a "xd";; update b "xd" <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]
w: val
K₂: context
y: val

"Hinv" : verification.backward_inv ℓₓ r nᵣ e (K₁ ++ [(InjRV (xv, #x), (Add, a, b))]) K₂ y --------------------------------------∗ EWP let: "xd" := get_diff (InjRV (xv, #x)) in update a "xd";; update b "xd" <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]
w: val
K₂: context
y: val

"Hx" : verification.mapsto_diff r (K₁ ++ [(InjRV (xv, #x), (Add, a, b))]) K₂ y (InjRV (xv, #x)) "Hab" : verification.both_mapto_diff r (K₁ ++ [(InjRV (xv, #x), (Add, a, b))]) K₂ y a b "Hfinisher" : verification.both_mapto_diff r K₁ ((InjRV (xv, #x), (Add, a, b)) :: K₂) y a b -∗ verification.backward_inv ℓₓ r nᵣ e K₁ ((InjRV (xv, #x), (Add, a, b)) :: K₂) y --------------------------------------∗ EWP let: "xd" := get_diff (InjRV (xv, #x)) in update a "xd";; update b "xd" <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]
w: val
K₂: context
y: val

"Hx" : verification.mapsto_diff r (K₁ ++ [(InjRV (xv, #x), (Add, a, b))]) K₂ y (InjRV (xv, #x)) "Hab" : verification.both_mapto_diff r (K₁ ++ [(InjRV (xv, #x), (Add, a, b))]) K₂ y a b "Hfinisher" : verification.both_mapto_diff r K₁ ((InjRV (xv, #x), (Add, a, b)) :: K₂) y a b -∗ verification.backward_inv ℓₓ r nᵣ e K₁ ((InjRV (xv, #x), (Add, a, b)) :: K₂) y --------------------------------------∗ EWP get_diff (InjRV (xv, #x)) <| Ψ |> {{ v, EWP fill_item (AppRCtx (λ: "xd", update a "xd";; update b "xd")) v <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }} }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]
w: val
K₂: context
y: val

"Hab" : verification.both_mapto_diff r (K₁ ++ [(InjRV (xv, #x), (Add, a, b))]) K₂ y a b "Hfinisher" : verification.both_mapto_diff r K₁ ((InjRV (xv, #x), (Add, a, b)) :: K₂) y a b -∗ verification.backward_inv ℓₓ r nᵣ e K₁ ((InjRV (xv, #x), (Add, a, b)) :: K₂) y --------------------------------------∗ v : val, (λ d : val, verification.mapsto_diff r (K₁ ++ [(InjRV (xv, #x), (Add, a, b))]) K₂ y (InjRV (xv, #x)) ∗ ( s : R, implements d s ∗ ⌜s =ᵣ (∂ Let K₂ .in y ./ ∂ InjRV (xv, #x) .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(InjRV (xv, #x), (Add, a, b))]]}))⌝)) v ={⊤}=∗ EWP fill_item (AppRCtx (λ: "xd", update a "xd";; update b "xd")) v <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]
w: val
K₂: context
y, xd: val

"Hab" : verification.both_mapto_diff r (K₁ ++ [(InjRV (xv, #x), (Add, a, b))]) K₂ y a b "Hfinisher" : verification.both_mapto_diff r K₁ ((InjRV (xv, #x), (Add, a, b)) :: K₂) y a b -∗ verification.backward_inv ℓₓ r nᵣ e K₁ ((InjRV (xv, #x), (Add, a, b)) :: K₂) y "Hxd" : s : R, implements xd s ∗ ⌜s =ᵣ (∂ Let K₂ .in y ./ ∂ InjRV (xv, #x) .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(InjRV (xv, #x), (Add, a, b))]]}))⌝ --------------------------------------∗ |={⊤}=> EWP fill_item (AppRCtx (λ: "xd", update a "xd";; update b "xd")) xd <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]
w: val
K₂: context
y, xd: val

"Hab" : verification.both_mapto_diff r (K₁ ++ [(InjRV (xv, #x), (Add, a, b))]) K₂ y a b "Hfinisher" : verification.both_mapto_diff r K₁ ((InjRV (xv, #x), (Add, a, b)) :: K₂) y a b -∗ verification.backward_inv ℓₓ r nᵣ e K₁ ((InjRV (xv, #x), (Add, a, b)) :: K₂) y "Hxd" : s : R, implements xd s ∗ ⌜s =ᵣ (∂ Let K₂ .in y ./ ∂ InjRV (xv, #x) .at (ϱ .{[ K₁ ++ [(InjRV (xv, #x), (Add, a, b))]]}))⌝ --------------------------------------∗ |={⊤}=> EWP fill_item (AppRCtx (λ: "xd", update a "xd";; update b "xd")) xd <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]
w: val
K₂: context
y, xd: val
s: R
H: s =ᵣ (∂ Let K₂ .in y ./ ∂ InjRV (xv, #x) .at (ϱ .{[ K₁ ++ [(InjRV (xv, #x), (Add, a, b))]]}))

"Hxd" : implements xd s --------------------------------------□ "Hab" : verification.both_mapto_diff r (K₁ ++ [(InjRV (xv, #x), (Add, a, b))]) K₂ y a b "Hfinisher" : verification.both_mapto_diff r K₁ ((InjRV (xv, #x), (Add, a, b)) :: K₂) y a b -∗ verification.backward_inv ℓₓ r nᵣ e K₁ ((InjRV (xv, #x), (Add, a, b)) :: K₂) y --------------------------------------∗ |={⊤}=> EWP fill_item (AppRCtx (λ: "xd", update a "xd";; update b "xd")) xd <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]
w: val
K₂: context
y, xd: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ InjRV (xv, #x) .at (ϱ .{[ K₁ ++ [(InjRV (xv, #x), (Add, a, b))]]}))

"Hxd" : implements xd s --------------------------------------□ "Hab" : verification.both_mapto_diff r (K₁ ++ [(InjRV (xv, #x), (Add, a, b))]) K₂ y a b "Hfinisher" : verification.both_mapto_diff r K₁ ((InjRV (xv, #x), (Add, a, b)) :: K₂) y a b -∗ verification.backward_inv ℓₓ r nᵣ e K₁ ((InjRV (xv, #x), (Add, a, b)) :: K₂) y --------------------------------------∗ |={⊤}=> EWP fill_item (AppRCtx (λ: "xd", update a "xd";; update b "xd")) xd <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]
w: val
K₂: context
y, xd: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ InjRV (xv, #x) .at (ϱ .{[ K₁ ++ [(InjRV (xv, #x), (Add, a, b))]]}))

"Hxd" : implements xd s --------------------------------------□ "Hab" : verification.both_mapto_diff r (K₁ ++ [(InjRV (xv, #x), (Add, a, b))]) K₂ y a b "Hfinisher" : verification.both_mapto_diff r K₁ ((InjRV (xv, #x), (Add, a, b)) :: K₂) y a b -∗ verification.backward_inv ℓₓ r nᵣ e K₁ ((InjRV (xv, #x), (Add, a, b)) :: K₂) y --------------------------------------∗ EWP fill_item (AppRCtx (λ: "xd", update a "xd";; update b "xd")) xd <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]
w: val
K₂: context
y, xd: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ InjRV (xv, #x) .at (ϱ .{[ K₁ ++ [(InjRV (xv, #x), (Add, a, b))]]}))

"Hxd" : implements xd s --------------------------------------□ "Hab" : verification.both_mapto_diff r (K₁ ++ [(InjRV (xv, #x), (Add, a, b))]) K₂ y a b "Hfinisher" : verification.both_mapto_diff r K₁ ((InjRV (xv, #x), (Add, a, b)) :: K₂) y a b -∗ verification.backward_inv ℓₓ r nᵣ e K₁ ((InjRV (xv, #x), (Add, a, b)) :: K₂) y --------------------------------------∗ EWP let: "xd" := xd in update a "xd";; update b "xd" <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]
w: val
K₂: context
y, xd: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ InjRV (xv, #x) .at (ϱ .{[ K₁ ++ [(InjRV (xv, #x), (Add, a, b))]]}))

"Hxd" : implements xd s --------------------------------------□ "Hab" : verification.both_mapto_diff r (K₁ ++ [(InjRV (xv, #x), (Add, a, b))]) K₂ y a b "Hfinisher" : verification.both_mapto_diff r K₁ ((InjRV (xv, #x), (Add, a, b)) :: K₂) y a b -∗ verification.backward_inv ℓₓ r nᵣ e K₁ ((InjRV (xv, #x), (Add, a, b)) :: K₂) y --------------------------------------∗ EWP update a xd;; update b xd <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]
w: val
K₂: context
y, xd: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ InjRV (xv, #x) .at (ϱ .{[ K₁ ++ [(InjRV (xv, #x), (Add, a, b))]]}))

"Hxd" : implements xd s --------------------------------------□ "Hfinisher" : verification.both_mapto_diff r K₁ ((InjRV (xv, #x), (Add, a, b)) :: K₂) y a b -∗ verification.backward_inv ℓₓ r nᵣ e K₁ ((InjRV (xv, #x), (Add, a, b)) :: K₂) y --------------------------------------∗ v : val, (λ _ : val, verification.both_mapto_diff r K₁ ((InjRV (xv, #x), (Add, a, b)) :: K₂) y a b) v ={⊤}=∗ (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]
w: val
K₂: context
y, xd: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ InjRV (xv, #x) .at (ϱ .{[ K₁ ++ [(InjRV (xv, #x), (Add, a, b))]]}))

"Hxd" : implements xd s --------------------------------------□ "Hfinisher" : verification.both_mapto_diff r K₁ ((InjRV (xv, #x), (Add, a, b)) :: K₂) y a b -∗ verification.backward_inv ℓₓ r nᵣ e K₁ ((InjRV (xv, #x), (Add, a, b)) :: K₂) y "Hinv" : verification.both_mapto_diff r K₁ ((InjRV (xv, #x), (Add, a, b)) :: K₂) y a b --------------------------------------∗ (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]
w: val
K₂: context
y, xd: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ InjRV (xv, #x) .at (ϱ .{[ K₁ ++ [(InjRV (xv, #x), (Add, a, b))]]}))

"Hxd" : implements xd s --------------------------------------□ "Hfinisher" : verification.both_mapto_diff r K₁ ((InjRV (xv, #x), (Add, a, b)) :: K₂) y a b -∗ verification.backward_inv ℓₓ r nᵣ e K₁ ((InjRV (xv, #x), (Add, a, b)) :: K₂) y "Hinv" : verification.both_mapto_diff r K₁ ((InjRV (xv, #x), (Add, a, b)) :: K₂) y a b --------------------------------------∗ verification.backward_inv ℓₓ r nᵣ e K₁ ((?Goal0, (Add, a, b)) :: K₂) y
by iApply "Hfinisher".
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) --------------------------------------□ "Hk" : x : val, ( a b : val, is_entry γ x (Mul, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) -∗ (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k x <| Ψ'' |> {{ v, Φ'' v }} "Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ --------------------------------------∗ EWP match: to_val Mul with InjL <> => let: "x" := create (nadd av bv) in k "x";; let: "xd" := get_diff "x" in update a "xd";; update b "xd" | InjR <> => let: "x" := create (nmul av bv) in k "x";; let: "xd" := get_diff "x" in let: "ad" := nmul bv "xd" in let: "bd" := nmul av "xd" in update a "ad";; update b "bd" end <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
(* Mul. *)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) --------------------------------------□ "Hk" : x : val, ( a b : val, is_entry γ x (Mul, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) -∗ (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k x <| Ψ'' |> {{ v, Φ'' v }} "Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ --------------------------------------∗ EWP match: to_val Mul with InjL <> => let: "x" := create (nadd av bv) in k "x";; let: "xd" := get_diff "x" in update a "xd";; update b "xd" | InjR <> => let: "x" := create (nmul av bv) in k "x";; let: "xd" := get_diff "x" in let: "ad" := nmul bv "xd" in let: "bd" := nmul av "xd" in update a "ad";; update b "bd" end <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) --------------------------------------□ "Hk" : x : val, ( a b : val, is_entry γ x (Mul, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) -∗ (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k x <| Ψ'' |> {{ v, Φ'' v }} "Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ --------------------------------------∗ EWP let: "x" := create (nmul av bv) in k "x";; let: "xd" := get_diff "x" in let: "ad" := nmul bv "xd" in let: "bd" := nmul av "xd" in update a "ad";; update b "bd" <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) --------------------------------------□ "Hk" : x : val, ( a b : val, is_entry γ x (Mul, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) -∗ (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k x <| Ψ'' |> {{ v, Φ'' v }} "Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ --------------------------------------∗ EWP create (nmul av bv) <| Ψ |> {{ v, EWP fill_item (AppRCtx (λ: "x", k "x";; let: "xd" := get_diff "x" in let: "ad" := nmul bv "xd" in let: "bd" := nmul av "xd" in update a "ad";; update b "bd")) v <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }} }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) --------------------------------------□ "Hk" : x : val, ( a b : val, is_entry γ x (Mul, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) -∗ (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k x <| Ψ'' |> {{ v, Φ'' v }} "Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ --------------------------------------∗ EWP nmul av bv <| Ψ |> {{ v, EWP fill_item (AppRCtx create) v <| Ψ |> {{ v0, EWP fill_item (AppRCtx (λ: "x", k "x";; let: "xd" := get_diff "x" in let: "ad" := nmul bv "xd" in let: "bd" := nmul av "xd" in update a "ad";; update b "bd")) v0 <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }} }} }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) --------------------------------------□ "Hk" : x : val, ( a b : val, is_entry γ x (Mul, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) -∗ (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k x <| Ψ'' |> {{ v, Φ'' v }} "Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ --------------------------------------∗ v : val, (λ x : val, implements x ((ϱ .{[ K₁]}) a ×ᵣ (ϱ .{[ K₁]}) b)) v ={⊤}=∗ EWP fill_item (AppRCtx create) v <| Ψ |> {{ v0, EWP fill_item (AppRCtx (λ: "x", k "x";; let: "xd" := get_diff "x" in let: "ad" := nmul bv "xd" in let: "bd" := nmul av "xd" in update a "ad";; update b "bd")) v0 <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }} }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) "Hxv" : implements xv ((ϱ .{[ K₁]}) a ×ᵣ (ϱ .{[ K₁]}) b) --------------------------------------□ "Hk" : x : val, ( a b : val, is_entry γ x (Mul, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) -∗ (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k x <| Ψ'' |> {{ v, Φ'' v }} "Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ --------------------------------------∗ |={⊤}=> EWP fill_item (AppRCtx create) xv <| Ψ |> {{ v, EWP fill_item (AppRCtx (λ: "x", k "x";; let: "xd" := get_diff "x" in let: "ad" := nmul bv "xd" in let: "bd" := nmul av "xd" in update a "ad";; update b "bd")) v <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }} }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) "Hxv" : implements xv ((ϱ .{[ K₁]}) a ×ᵣ (ϱ .{[ K₁]}) b) --------------------------------------□ "Hk" : x : val, ( a b : val, is_entry γ x (Mul, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) -∗ (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k x <| Ψ'' |> {{ v, Φ'' v }} "Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ --------------------------------------∗ EWP fill_item (AppRCtx create) xv <| Ψ |> {{ v, EWP fill_item (AppRCtx (λ: "x", k "x";; let: "xd" := get_diff "x" in let: "ad" := nmul bv "xd" in let: "bd" := nmul av "xd" in update a "ad";; update b "bd")) v <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }} }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) "Hxv" : implements xv ((ϱ .{[ K₁]}) a ×ᵣ (ϱ .{[ K₁]}) b) --------------------------------------□ "Hk" : x : val, ( a b : val, is_entry γ x (Mul, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) -∗ (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k x <| Ψ'' |> {{ v, Φ'' v }} "Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ --------------------------------------∗ EWP create xv <| Ψ |> {{ v, EWP let: "x" := v in k "x";; let: "xd" := get_diff "x" in let: "ad" := nmul bv "xd" in let: "bd" := nmul av "xd" in update a "ad";; update b "bd" <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }} }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) "Hxv" : implements xv ((ϱ .{[ K₁]}) a ×ᵣ (ϱ .{[ K₁]}) b) --------------------------------------□ "Hk" : x : val, ( a b : val, is_entry γ x (Mul, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) -∗ (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k x <| Ψ'' |> {{ v, Φ'' v }} "Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ --------------------------------------∗ v : val, (λ w : val, : loc, ⌜w = InjRV (xv, #ℓ)⌝ ∗ ℓ ↦ nzero) v ={⊤}=∗ EWP let: "x" := v in k "x";; let: "xd" := get_diff "x" in let: "ad" := nmul bv "xd" in let: "bd" := nmul av "xd" in update a "ad";; update b "bd" <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv, x': val

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) "Hxv" : implements xv ((ϱ .{[ K₁]}) a ×ᵣ (ϱ .{[ K₁]}) b) --------------------------------------□ "Hk" : x : val, ( a b : val, is_entry γ x (Mul, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) -∗ (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k x <| Ψ'' |> {{ v, Φ'' v }} "Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ --------------------------------------∗ ( : loc, ⌜x' = InjRV (xv, #ℓ)⌝ ∗ ℓ ↦ nzero) ={⊤}=∗ EWP let: "x" := x' in k "x";; let: "xd" := get_diff "x" in let: "ad" := nmul bv "xd" in let: "bd" := nmul av "xd" in update a "ad";; update b "bd" <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) "Hxv" : implements xv ((ϱ .{[ K₁]}) a ×ᵣ (ϱ .{[ K₁]}) b) --------------------------------------□ "Hk" : x : val, ( a b : val, is_entry γ x (Mul, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) -∗ (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k x <| Ψ'' |> {{ v, Φ'' v }} "Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ "Hx" : x ↦ nzero --------------------------------------∗ |={⊤}=> EWP let: "x" := InjRV (xv, #x) in k "x";; let: "xd" := get_diff "x" in let: "ad" := nmul bv "xd" in let: "bd" := nmul av "xd" in update a "ad";; update b "bd" <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) "Hxv" : implements xv ((ϱ .{[ K₁]}) a ×ᵣ (ϱ .{[ K₁]}) b) --------------------------------------□ "Hk" : x : val, ( a b : val, is_entry γ x (Mul, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) -∗ (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k x <| Ψ'' |> {{ v, Φ'' v }} "Hinv" : verification.forward_inv γ ℓₓ r nᵣ K₁ "Hx" : x ↦ nzero --------------------------------------∗ |={⊤}=> EWP let: "x" := InjRV (xv, #x) in k "x";; let: "xd" := get_diff "x" in let: "ad" := nmul bv "xd" in let: "bd" := nmul av "xd" in update a "ad";; update b "bd" <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) "Hxv" : implements xv ((ϱ .{[ K₁]}) a ×ᵣ (ϱ .{[ K₁]}) b) --------------------------------------□ implements ?Goal (((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(InjRV (?Goal, #x), (Mul, a, b))]]}) (InjRV (?Goal, #x)))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]
"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) "Hxv" : implements xv ((ϱ .{[ K₁]}) a ×ᵣ (ϱ .{[ K₁]}) b) "Hx'" : verification.represents γ ℓₓ nᵣ (InjRV (?Goal, #x)) (el ×ₑ er) --------------------------------------□ "Hk" : x : val, ( a b : val, is_entry γ x (Mul, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) -∗ (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜ e =ₑ s⌝) Φ'' -∗ EWP k x <| Ψ'' |> {{ v, Φ'' v }} "Hinv" : verification.forward_inv γ ℓₓ r nᵣ (K₁ ++ [(InjRV (?Goal, #x), (Mul, a, b))]) --------------------------------------∗ |={⊤}=> EWP let: "x" := InjRV (xv, #x) in k "x";; let: "xd" := get_diff "x" in let: "ad" := nmul bv "xd" in let: "bd" := nmul av "xd" in update a "ad";; update b "bd" <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) "Hxv" : implements xv ((ϱ .{[ K₁]}) a ×ᵣ (ϱ .{[ K₁]}) b) --------------------------------------□ implements ?Goal (((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(InjRV (?Goal, #x), (Mul, a, b))]]}) (InjRV (?Goal, #x)))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) "Hxv" : implements xv ((ϱ .{[ K₁]}) a ×ᵣ (ϱ .{[ K₁]}) b) --------------------------------------□ implements ?Goal ((ϱ .{[ K₁ ++ [(InjRV (?Goal, #x), (Mul, a, b))]]}) (InjRV (?Goal, #x)))
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) "Hxv" : implements xv ((ϱ .{[ K₁]}) a ×ᵣ (ϱ .{[ K₁]}) b) --------------------------------------□ implements ?Goal ((ϱ .{[ K₁]}) a ×ᵣ (ϱ .{[ K₁]}) b)
by iApply "Hxv".
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) "Hxv" : implements xv ((ϱ .{[ K₁]}) a ×ᵣ (ϱ .{[ K₁]}) b) "Hx'" : verification.represents γ ℓₓ nᵣ (InjRV (xv, #x)) (el ×ₑ er) --------------------------------------□ "Hk" : x : val, ( a b : val, is_entry γ x (Mul, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) -∗ (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k x <| Ψ'' |> {{ v, Φ'' v }} "Hinv" : verification.forward_inv γ ℓₓ r nᵣ (K₁ ++ [(InjRV (xv, #x), (Mul, a, b))]) --------------------------------------∗ |={⊤}=> EWP let: "x" := InjRV (xv, #x) in k "x";; let: "xd" := get_diff "x" in let: "ad" := nmul bv "xd" in let: "bd" := nmul av "xd" in update a "ad";; update b "bd" <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) "Hxv" : implements xv ((ϱ .{[ K₁]}) a ×ᵣ (ϱ .{[ K₁]}) b) "Hx'" : verification.represents γ ℓₓ nᵣ (InjRV (xv, #x)) (el ×ₑ er) --------------------------------------□ "Hk" : x : val, ( a b : val, is_entry γ x (Mul, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) -∗ (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k x <| Ψ'' |> {{ v, Φ'' v }} "Hinv" : verification.forward_inv γ ℓₓ r nᵣ (K₁ ++ [(InjRV (xv, #x), (Mul, a, b))]) --------------------------------------∗ EWP let: "x" := InjRV (xv, #x) in k "x";; let: "xd" := get_diff "x" in let: "ad" := nmul bv "xd" in let: "bd" := nmul av "xd" in update a "ad";; update b "bd" <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) "Hxv" : implements xv ((ϱ .{[ K₁]}) a ×ᵣ (ϱ .{[ K₁]}) b) "Hx'" : a b : val, is_entry γ (InjRV (xv, #x)) (Mul, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er --------------------------------------□ "Hk" : x : val, ( a b : val, is_entry γ x (Mul, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) -∗ (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k x <| Ψ'' |> {{ v, Φ'' v }} "Hinv" : verification.forward_inv γ ℓₓ r nᵣ (K₁ ++ [(InjRV (xv, #x), (Mul, a, b))]) --------------------------------------∗ EWP k (InjRV (xv, #x));; let: "xd" := get_diff (InjRV (xv, #x)) in let: "ad" := nmul bv "xd" in let: "bd" := nmul av "xd" in update a "ad";; update b "bd" <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
(* Continuation call. *)
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) "Hxv" : implements xv ((ϱ .{[ K₁]}) a ×ᵣ (ϱ .{[ K₁]}) b) "Hx'" : a b : val, is_entry γ (InjRV (xv, #x)) (Mul, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er --------------------------------------□ "Hk" : x : val, ( a b : val, is_entry γ x (Mul, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) -∗ (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k x <| Ψ'' |> {{ v, Φ'' v }} "Hinv" : verification.forward_inv γ ℓₓ r nᵣ (K₁ ++ [(InjRV (xv, #x), (Mul, a, b))]) --------------------------------------∗ EWP k (InjRV (xv, #x)) <| Ψ |> {{ v, EWP fill (ConsCtx (AppRCtx (λ: <>, let: "xd" := get_diff (InjRV (xv, #x)) in let: "ad" := nmul bv "xd" in let: "bd" := nmul av "xd" in update a "ad";; update b "bd")) EmptyCtx) v <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }} }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) "Hxv" : implements xv ((ϱ .{[ K₁]}) a ×ᵣ (ϱ .{[ K₁]}) b) "Hx'" : a b : val, is_entry γ (InjRV (xv, #x)) (Mul, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er --------------------------------------□ "Hinv" : verification.forward_inv γ ℓₓ r nᵣ (K₁ ++ [(InjRV (xv, #x), (Mul, a, b))]) "Hk" : x : val, ( a b : val, is_entry γ x (Mul, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) -∗ (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k x <| Ψ'' |> {{ v, Φ'' v }} --------------------------------------∗ EWP k (InjRV (xv, #x)) <| Ψ |> {{ v, ?Goal v }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]
"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) "Hxv" : implements xv ((ϱ .{[ K₁]}) a ×ᵣ (ϱ .{[ K₁]}) b) "Hx'" : a b : val, is_entry γ (InjRV (xv, #x)) (Mul, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er --------------------------------------□ v : val, ?Goal v ={⊤}=∗ EWP fill (ConsCtx (AppRCtx (λ: <>, let: "xd" := get_diff (InjRV (xv, #x)) in let: "ad" := nmul bv "xd" in let: "bd" := nmul av "xd" in update a "ad";; update b "bd")) EmptyCtx) v <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) "Hxv" : implements xv ((ϱ .{[ K₁]}) a ×ᵣ (ϱ .{[ K₁]}) b) "Hx'" : a b : val, is_entry γ (InjRV (xv, #x)) (Mul, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er --------------------------------------□ "Hinv" : verification.forward_inv γ ℓₓ r nᵣ (K₁ ++ [(InjRV (xv, #x), (Mul, a, b))]) "Hk" : x : val, ( a b : val, is_entry γ x (Mul, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er) -∗ (Ψ'' : iEff Σ) (Φ'' : val -d> iPropO Σ), ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ'' (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) Φ'' -∗ EWP k x <| Ψ'' |> {{ v, Φ'' v }} --------------------------------------∗ EWP k (InjRV (xv, #x)) <| Ψ |> {{ v, ?Goal v }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) "Hxv" : implements xv ((ϱ .{[ K₁]}) a ×ᵣ (ϱ .{[ K₁]}) b) "Hx'" : a b : val, is_entry γ (InjRV (xv, #x)) (Mul, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er --------------------------------------□ "Hinv" : verification.forward_inv γ ℓₓ r nᵣ (K₁ ++ [(InjRV (xv, #x), (Mul, a, b))]) --------------------------------------∗ ▷ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) ?x
by iApply ("IH" with "Hinv").
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]

"IH" : a : context, verification.forward_inv γ ℓₓ r nᵣ a -∗ deep_handler ⊤ (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := get_val "a" in let: "bv" := get_val "b" in match: "op" with InjL <> => let: "x" := create (nadd "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in update "a" "xd";; update "b" "xd" | InjR <> => let: "x" := create (nmul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := nmul "bv" "xd" in let: "bd" := nmul "av" "xd" in update "a" "ad";; update "b" "bd" end)%V (λ: "res", update "res" none)%V (verification.AD γ ℓₓ nᵣ) Ψ (λ y : val, s : Expr (), verification.represents γ ℓₓ nᵣ y s ∗ ⌜e =ₑ s⌝) (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e a K₂ y) "Ha" : verification.represents γ ℓₓ nᵣ a el "Hb" : verification.represents γ ℓₓ nᵣ b er "Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) "Hxv" : implements xv ((ϱ .{[ K₁]}) a ×ᵣ (ϱ .{[ K₁]}) b) "Hx'" : a b : val, is_entry γ (InjRV (xv, #x)) (Mul, a, b) ∗ verification.represents γ ℓₓ nᵣ a el ∗ verification.represents γ ℓₓ nᵣ b er --------------------------------------□ v : val, (λ _ : val, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e (K₁ ++ [(InjRV (xv, #x), (Mul, a, b))]) K₂ y) v ={⊤}=∗ EWP fill (ConsCtx (AppRCtx (λ: <>, let: "xd" := get_diff (InjRV (xv, #x)) in let: "ad" := nmul bv "xd" in let: "bd" := nmul av "xd" in update a "ad";; update b "bd")) EmptyCtx) v <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]

"Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) --------------------------------------□ v : val, ( (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e (K₁ ++ [(InjRV (xv, #x), (Mul, a, b))]) K₂ y) ={⊤}=∗ EWP fill (ConsCtx (AppRCtx (λ: <>, let: "xd" := get_diff (InjRV (xv, #x)) in let: "ad" := nmul bv "xd" in let: "bd" := nmul av "xd" in update a "ad";; update b "bd")) EmptyCtx) v <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]
w: val

"Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) --------------------------------------□ ( (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e (K₁ ++ [(InjRV (xv, #x), (Mul, a, b))]) K₂ y) ={⊤}=∗ EWP fill (ConsCtx (AppRCtx (λ: <>, let: "xd" := get_diff (InjRV (xv, #x)) in let: "ad" := nmul bv "xd" in let: "bd" := nmul av "xd" in update a "ad";; update b "bd")) EmptyCtx) w <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]
w: val
K₂: context
y: val

"Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) --------------------------------------□ "Hinv" : verification.backward_inv ℓₓ r nᵣ e (K₁ ++ [(InjRV (xv, #x), (Mul, a, b))]) K₂ y --------------------------------------∗ |={⊤}=> EWP fill (ConsCtx (AppRCtx (λ: <>, let: "xd" := get_diff (InjRV (xv, #x)) in let: "ad" := nmul bv "xd" in let: "bd" := nmul av "xd" in update a "ad";; update b "bd")) EmptyCtx) w <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]
w: val
K₂: context
y: val

"Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) --------------------------------------□ "Hinv" : verification.backward_inv ℓₓ r nᵣ e (K₁ ++ [(InjRV (xv, #x), (Mul, a, b))]) K₂ y --------------------------------------∗ EWP fill (ConsCtx (AppRCtx (λ: <>, let: "xd" := get_diff (InjRV (xv, #x)) in let: "ad" := nmul bv "xd" in let: "bd" := nmul av "xd" in update a "ad";; update b "bd")) EmptyCtx) w <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]
w: val
K₂: context
y: val

"Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) --------------------------------------□ "Hinv" : verification.backward_inv ℓₓ r nᵣ e (K₁ ++ [(InjRV (xv, #x), (Mul, a, b))]) K₂ y --------------------------------------∗ EWP w;; let: "xd" := get_diff (InjRV (xv, #x)) in let: "ad" := nmul bv "xd" in let: "bd" := nmul av "xd" in update a "ad";; update b "bd" <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]
w: val
K₂: context
y: val

"Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) --------------------------------------□ "Hinv" : verification.backward_inv ℓₓ r nᵣ e (K₁ ++ [(InjRV (xv, #x), (Mul, a, b))]) K₂ y --------------------------------------∗ EWP let: "xd" := get_diff (InjRV (xv, #x)) in let: "ad" := nmul bv "xd" in let: "bd" := nmul av "xd" in update a "ad";; update b "bd" <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]
w: val
K₂: context
y: val

"Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) --------------------------------------□ "Hinv" : verification.backward_inv ℓₓ r nᵣ e (K₁ ++ [(InjRV (xv, #x), (Mul, a, b))]) K₂ y --------------------------------------∗ EWP get_diff (InjRV (xv, #x)) <| Ψ |> {{ v, EWP fill (ConsCtx (AppRCtx (λ: "xd", let: "ad" := nmul bv "xd" in let: "bd" := nmul av "xd" in update a "ad";; update b "bd")) EmptyCtx) v <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }} }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]
w: val
K₂: context
y: val

"Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) --------------------------------------□ "Hx" : verification.mapsto_diff r (K₁ ++ [(InjRV (xv, #x), (Mul, a, b))]) K₂ y (InjRV (xv, #x)) "Hab" : verification.both_mapto_diff r (K₁ ++ [(InjRV (xv, #x), (Mul, a, b))]) K₂ y a b "Hfinisher" : verification.both_mapto_diff r K₁ ((InjRV (xv, #x), (Mul, a, b)) :: K₂) y a b -∗ verification.backward_inv ℓₓ r nᵣ e K₁ ((InjRV (xv, #x), (Mul, a, b)) :: K₂) y --------------------------------------∗ EWP get_diff (InjRV (xv, #x)) <| Ψ |> {{ v, EWP fill (ConsCtx (AppRCtx (λ: "xd", let: "ad" := nmul bv "xd" in let: "bd" := nmul av "xd" in update a "ad";; update b "bd")) EmptyCtx) v <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }} }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]
w: val
K₂: context
y: val

"Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) --------------------------------------□ "Hab" : verification.both_mapto_diff r (K₁ ++ [(InjRV (xv, #x), (Mul, a, b))]) K₂ y a b "Hfinisher" : verification.both_mapto_diff r K₁ ((InjRV (xv, #x), (Mul, a, b)) :: K₂) y a b -∗ verification.backward_inv ℓₓ r nᵣ e K₁ ((InjRV (xv, #x), (Mul, a, b)) :: K₂) y --------------------------------------∗ v : val, (λ d : val, verification.mapsto_diff r (K₁ ++ [(InjRV (xv, #x), (Mul, a, b))]) K₂ y (InjRV (xv, #x)) ∗ ( s : R, implements d s ∗ ⌜s =ᵣ (∂ Let K₂ .in y ./ ∂ InjRV (xv, #x) .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(InjRV (xv, #x), (Mul, a, b))]]}))⌝)) v ={⊤}=∗ EWP fill (ConsCtx (AppRCtx (λ: "xd", let: "ad" := nmul bv "xd" in let: "bd" := nmul av "xd" in update a "ad";; update b "bd")) EmptyCtx) v <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]
w: val
K₂: context
y, xd: val

"Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) --------------------------------------□ "Hab" : verification.both_mapto_diff r (K₁ ++ [(InjRV (xv, #x), (Mul, a, b))]) K₂ y a b "Hfinisher" : verification.both_mapto_diff r K₁ ((InjRV (xv, #x), (Mul, a, b)) :: K₂) y a b -∗ verification.backward_inv ℓₓ r nᵣ e K₁ ((InjRV (xv, #x), (Mul, a, b)) :: K₂) y "Hxd" : s : R, implements xd s ∗ ⌜s =ᵣ (∂ Let K₂ .in y ./ ∂ InjRV (xv, #x) .at ((((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}) .{[ K₁ ++ [(InjRV (xv, #x), (Mul, a, b))]]}))⌝ --------------------------------------∗ |={⊤}=> EWP fill (ConsCtx (AppRCtx (λ: "xd", let: "ad" := nmul bv "xd" in let: "bd" := nmul av "xd" in update a "ad";; update b "bd")) EmptyCtx) xd <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]
w: val
K₂: context
y, xd: val

"Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) --------------------------------------□ "Hab" : verification.both_mapto_diff r (K₁ ++ [(InjRV (xv, #x), (Mul, a, b))]) K₂ y a b "Hfinisher" : verification.both_mapto_diff r K₁ ((InjRV (xv, #x), (Mul, a, b)) :: K₂) y a b -∗ verification.backward_inv ℓₓ r nᵣ e K₁ ((InjRV (xv, #x), (Mul, a, b)) :: K₂) y "Hxd" : s : R, implements xd s ∗ ⌜s =ᵣ (∂ Let K₂ .in y ./ ∂ InjRV (xv, #x) .at (ϱ .{[ K₁ ++ [(InjRV (xv, #x), (Mul, a, b))]]}))⌝ --------------------------------------∗ |={⊤}=> EWP fill (ConsCtx (AppRCtx (λ: "xd", let: "ad" := nmul bv "xd" in let: "bd" := nmul av "xd" in update a "ad";; update b "bd")) EmptyCtx) xd <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]
w: val
K₂: context
y, xd: val
s: R
H: s =ᵣ (∂ Let K₂ .in y ./ ∂ InjRV (xv, #x) .at (ϱ .{[ K₁ ++ [(InjRV (xv, #x), (Mul, a, b))]]}))

"Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) "Hxd" : implements xd s --------------------------------------□ "Hab" : verification.both_mapto_diff r (K₁ ++ [(InjRV (xv, #x), (Mul, a, b))]) K₂ y a b "Hfinisher" : verification.both_mapto_diff r K₁ ((InjRV (xv, #x), (Mul, a, b)) :: K₂) y a b -∗ verification.backward_inv ℓₓ r nᵣ e K₁ ((InjRV (xv, #x), (Mul, a, b)) :: K₂) y --------------------------------------∗ |={⊤}=> EWP fill (ConsCtx (AppRCtx (λ: "xd", let: "ad" := nmul bv "xd" in let: "bd" := nmul av "xd" in update a "ad";; update b "bd")) EmptyCtx) xd <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]
w: val
K₂: context
y, xd: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ InjRV (xv, #x) .at (ϱ .{[ K₁ ++ [(InjRV (xv, #x), (Mul, a, b))]]}))

"Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) "Hxd" : implements xd s --------------------------------------□ "Hab" : verification.both_mapto_diff r (K₁ ++ [(InjRV (xv, #x), (Mul, a, b))]) K₂ y a b "Hfinisher" : verification.both_mapto_diff r K₁ ((InjRV (xv, #x), (Mul, a, b)) :: K₂) y a b -∗ verification.backward_inv ℓₓ r nᵣ e K₁ ((InjRV (xv, #x), (Mul, a, b)) :: K₂) y --------------------------------------∗ |={⊤}=> EWP fill (ConsCtx (AppRCtx (λ: "xd", let: "ad" := nmul bv "xd" in let: "bd" := nmul av "xd" in update a "ad";; update b "bd")) EmptyCtx) xd <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]
w: val
K₂: context
y, xd: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ InjRV (xv, #x) .at (ϱ .{[ K₁ ++ [(InjRV (xv, #x), (Mul, a, b))]]}))

"Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) "Hxd" : implements xd s --------------------------------------□ "Hab" : verification.both_mapto_diff r (K₁ ++ [(InjRV (xv, #x), (Mul, a, b))]) K₂ y a b "Hfinisher" : verification.both_mapto_diff r K₁ ((InjRV (xv, #x), (Mul, a, b)) :: K₂) y a b -∗ verification.backward_inv ℓₓ r nᵣ e K₁ ((InjRV (xv, #x), (Mul, a, b)) :: K₂) y --------------------------------------∗ EWP fill (ConsCtx (AppRCtx (λ: "xd", let: "ad" := nmul bv "xd" in let: "bd" := nmul av "xd" in update a "ad";; update b "bd")) EmptyCtx) xd <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]
w: val
K₂: context
y, xd: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ InjRV (xv, #x) .at (ϱ .{[ K₁ ++ [(InjRV (xv, #x), (Mul, a, b))]]}))

"Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) "Hxd" : implements xd s --------------------------------------□ "Hab" : verification.both_mapto_diff r (K₁ ++ [(InjRV (xv, #x), (Mul, a, b))]) K₂ y a b "Hfinisher" : verification.both_mapto_diff r K₁ ((InjRV (xv, #x), (Mul, a, b)) :: K₂) y a b -∗ verification.backward_inv ℓₓ r nᵣ e K₁ ((InjRV (xv, #x), (Mul, a, b)) :: K₂) y --------------------------------------∗ EWP let: "xd" := xd in let: "ad" := nmul bv "xd" in let: "bd" := nmul av "xd" in update a "ad";; update b "bd" <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]
w: val
K₂: context
y, xd: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ InjRV (xv, #x) .at (ϱ .{[ K₁ ++ [(InjRV (xv, #x), (Mul, a, b))]]}))

"Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) "Hxd" : implements xd s --------------------------------------□ "Hab" : verification.both_mapto_diff r (K₁ ++ [(InjRV (xv, #x), (Mul, a, b))]) K₂ y a b "Hfinisher" : verification.both_mapto_diff r K₁ ((InjRV (xv, #x), (Mul, a, b)) :: K₂) y a b -∗ verification.backward_inv ℓₓ r nᵣ e K₁ ((InjRV (xv, #x), (Mul, a, b)) :: K₂) y --------------------------------------∗ EWP let: "ad" := nmul bv xd in let: "bd" := nmul av xd in update a "ad";; update b "bd" <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]
w: val
K₂: context
y, xd: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ InjRV (xv, #x) .at (ϱ .{[ K₁ ++ [(InjRV (xv, #x), (Mul, a, b))]]}))

"Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) "Hxd" : implements xd s --------------------------------------□ "Hab" : verification.both_mapto_diff r (K₁ ++ [(InjRV (xv, #x), (Mul, a, b))]) K₂ y a b "Hfinisher" : verification.both_mapto_diff r K₁ ((InjRV (xv, #x), (Mul, a, b)) :: K₂) y a b -∗ verification.backward_inv ℓₓ r nᵣ e K₁ ((InjRV (xv, #x), (Mul, a, b)) :: K₂) y --------------------------------------∗ EWP nmul bv xd <| Ψ |> {{ v, EWP fill_item (AppRCtx (λ: "ad", let: "bd" := nmul av xd in update a "ad";; update b "bd")) v <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }} }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]
w: val
K₂: context
y, xd: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ InjRV (xv, #x) .at (ϱ .{[ K₁ ++ [(InjRV (xv, #x), (Mul, a, b))]]}))

"Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) "Hxd" : implements xd s --------------------------------------□ "Hab" : verification.both_mapto_diff r (K₁ ++ [(InjRV (xv, #x), (Mul, a, b))]) K₂ y a b "Hfinisher" : verification.both_mapto_diff r K₁ ((InjRV (xv, #x), (Mul, a, b)) :: K₂) y a b -∗ verification.backward_inv ℓₓ r nᵣ e K₁ ((InjRV (xv, #x), (Mul, a, b)) :: K₂) y --------------------------------------∗ v : val, (λ x : val, implements x ((ϱ .{[ K₁]}) b ×ᵣ s)) v ={⊤}=∗ EWP fill_item (AppRCtx (λ: "ad", let: "bd" := nmul av xd in update a "ad";; update b "bd")) v <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]
w: val
K₂: context
y, xd: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ InjRV (xv, #x) .at (ϱ .{[ K₁ ++ [(InjRV (xv, #x), (Mul, a, b))]]}))
ad: val

"Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) "Hxd" : implements xd s "Had" : implements ad ((ϱ .{[ K₁]}) b ×ᵣ s) --------------------------------------□ "Hab" : verification.both_mapto_diff r (K₁ ++ [(InjRV (xv, #x), (Mul, a, b))]) K₂ y a b "Hfinisher" : verification.both_mapto_diff r K₁ ((InjRV (xv, #x), (Mul, a, b)) :: K₂) y a b -∗ verification.backward_inv ℓₓ r nᵣ e K₁ ((InjRV (xv, #x), (Mul, a, b)) :: K₂) y --------------------------------------∗ |={⊤}=> EWP fill_item (AppRCtx (λ: "ad", let: "bd" := nmul av xd in update a "ad";; update b "bd")) ad <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]
w: val
K₂: context
y, xd: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ InjRV (xv, #x) .at (ϱ .{[ K₁ ++ [(InjRV (xv, #x), (Mul, a, b))]]}))
ad: val

"Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) "Hxd" : implements xd s "Had" : implements ad ((ϱ .{[ K₁]}) b ×ᵣ s) --------------------------------------□ "Hab" : verification.both_mapto_diff r (K₁ ++ [(InjRV (xv, #x), (Mul, a, b))]) K₂ y a b "Hfinisher" : verification.both_mapto_diff r K₁ ((InjRV (xv, #x), (Mul, a, b)) :: K₂) y a b -∗ verification.backward_inv ℓₓ r nᵣ e K₁ ((InjRV (xv, #x), (Mul, a, b)) :: K₂) y --------------------------------------∗ EWP fill_item (AppRCtx (λ: "ad", let: "bd" := nmul av xd in update a "ad";; update b "bd")) ad <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]
w: val
K₂: context
y, xd: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ InjRV (xv, #x) .at (ϱ .{[ K₁ ++ [(InjRV (xv, #x), (Mul, a, b))]]}))
ad: val

"Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) "Hxd" : implements xd s "Had" : implements ad ((ϱ .{[ K₁]}) b ×ᵣ s) --------------------------------------□ "Hab" : verification.both_mapto_diff r (K₁ ++ [(InjRV (xv, #x), (Mul, a, b))]) K₂ y a b "Hfinisher" : verification.both_mapto_diff r K₁ ((InjRV (xv, #x), (Mul, a, b)) :: K₂) y a b -∗ verification.backward_inv ℓₓ r nᵣ e K₁ ((InjRV (xv, #x), (Mul, a, b)) :: K₂) y --------------------------------------∗ EWP let: "ad" := ad in let: "bd" := nmul av xd in update a "ad";; update b "bd" <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]
w: val
K₂: context
y, xd: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ InjRV (xv, #x) .at (ϱ .{[ K₁ ++ [(InjRV (xv, #x), (Mul, a, b))]]}))
ad: val

"Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) "Hxd" : implements xd s "Had" : implements ad ((ϱ .{[ K₁]}) b ×ᵣ s) --------------------------------------□ "Hab" : verification.both_mapto_diff r (K₁ ++ [(InjRV (xv, #x), (Mul, a, b))]) K₂ y a b "Hfinisher" : verification.both_mapto_diff r K₁ ((InjRV (xv, #x), (Mul, a, b)) :: K₂) y a b -∗ verification.backward_inv ℓₓ r nᵣ e K₁ ((InjRV (xv, #x), (Mul, a, b)) :: K₂) y --------------------------------------∗ EWP let: "bd" := nmul av xd in update a ad;; update b "bd" <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]
w: val
K₂: context
y, xd: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ InjRV (xv, #x) .at (ϱ .{[ K₁ ++ [(InjRV (xv, #x), (Mul, a, b))]]}))
ad: val

"Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) "Hxd" : implements xd s "Had" : implements ad ((ϱ .{[ K₁]}) b ×ᵣ s) --------------------------------------□ "Hab" : verification.both_mapto_diff r (K₁ ++ [(InjRV (xv, #x), (Mul, a, b))]) K₂ y a b "Hfinisher" : verification.both_mapto_diff r K₁ ((InjRV (xv, #x), (Mul, a, b)) :: K₂) y a b -∗ verification.backward_inv ℓₓ r nᵣ e K₁ ((InjRV (xv, #x), (Mul, a, b)) :: K₂) y --------------------------------------∗ EWP nmul av xd <| Ψ |> {{ v, EWP fill_item (AppRCtx (λ: "bd", update a ad;; update b "bd")) v <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }} }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]
w: val
K₂: context
y, xd: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ InjRV (xv, #x) .at (ϱ .{[ K₁ ++ [(InjRV (xv, #x), (Mul, a, b))]]}))
ad: val

"Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) "Hxd" : implements xd s "Had" : implements ad ((ϱ .{[ K₁]}) b ×ᵣ s) --------------------------------------□ "Hab" : verification.both_mapto_diff r (K₁ ++ [(InjRV (xv, #x), (Mul, a, b))]) K₂ y a b "Hfinisher" : verification.both_mapto_diff r K₁ ((InjRV (xv, #x), (Mul, a, b)) :: K₂) y a b -∗ verification.backward_inv ℓₓ r nᵣ e K₁ ((InjRV (xv, #x), (Mul, a, b)) :: K₂) y --------------------------------------∗ v : val, (λ x : val, implements x ((ϱ .{[ K₁]}) a ×ᵣ s)) v ={⊤}=∗ EWP fill_item (AppRCtx (λ: "bd", update a ad;; update b "bd")) v <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]
w: val
K₂: context
y, xd: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ InjRV (xv, #x) .at (ϱ .{[ K₁ ++ [(InjRV (xv, #x), (Mul, a, b))]]}))
ad, bd: val

"Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) "Hxd" : implements xd s "Had" : implements ad ((ϱ .{[ K₁]}) b ×ᵣ s) "Hbd" : implements bd ((ϱ .{[ K₁]}) a ×ᵣ s) --------------------------------------□ "Hab" : verification.both_mapto_diff r (K₁ ++ [(InjRV (xv, #x), (Mul, a, b))]) K₂ y a b "Hfinisher" : verification.both_mapto_diff r K₁ ((InjRV (xv, #x), (Mul, a, b)) :: K₂) y a b -∗ verification.backward_inv ℓₓ r nᵣ e K₁ ((InjRV (xv, #x), (Mul, a, b)) :: K₂) y --------------------------------------∗ |={⊤}=> EWP fill_item (AppRCtx (λ: "bd", update a ad;; update b "bd")) bd <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]
w: val
K₂: context
y, xd: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ InjRV (xv, #x) .at (ϱ .{[ K₁ ++ [(InjRV (xv, #x), (Mul, a, b))]]}))
ad, bd: val

"Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) "Hxd" : implements xd s "Had" : implements ad ((ϱ .{[ K₁]}) b ×ᵣ s) "Hbd" : implements bd ((ϱ .{[ K₁]}) a ×ᵣ s) --------------------------------------□ "Hab" : verification.both_mapto_diff r (K₁ ++ [(InjRV (xv, #x), (Mul, a, b))]) K₂ y a b "Hfinisher" : verification.both_mapto_diff r K₁ ((InjRV (xv, #x), (Mul, a, b)) :: K₂) y a b -∗ verification.backward_inv ℓₓ r nᵣ e K₁ ((InjRV (xv, #x), (Mul, a, b)) :: K₂) y --------------------------------------∗ EWP fill_item (AppRCtx (λ: "bd", update a ad;; update b "bd")) bd <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]
w: val
K₂: context
y, xd: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ InjRV (xv, #x) .at (ϱ .{[ K₁ ++ [(InjRV (xv, #x), (Mul, a, b))]]}))
ad, bd: val

"Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) "Hxd" : implements xd s "Had" : implements ad ((ϱ .{[ K₁]}) b ×ᵣ s) "Hbd" : implements bd ((ϱ .{[ K₁]}) a ×ᵣ s) --------------------------------------□ "Hab" : verification.both_mapto_diff r (K₁ ++ [(InjRV (xv, #x), (Mul, a, b))]) K₂ y a b "Hfinisher" : verification.both_mapto_diff r K₁ ((InjRV (xv, #x), (Mul, a, b)) :: K₂) y a b -∗ verification.backward_inv ℓₓ r nᵣ e K₁ ((InjRV (xv, #x), (Mul, a, b)) :: K₂) y --------------------------------------∗ EWP let: "bd" := bd in update a ad;; update b "bd" <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]
w: val
K₂: context
y, xd: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ InjRV (xv, #x) .at (ϱ .{[ K₁ ++ [(InjRV (xv, #x), (Mul, a, b))]]}))
ad, bd: val

"Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) "Hxd" : implements xd s "Had" : implements ad ((ϱ .{[ K₁]}) b ×ᵣ s) "Hbd" : implements bd ((ϱ .{[ K₁]}) a ×ᵣ s) --------------------------------------□ "Hab" : verification.both_mapto_diff r (K₁ ++ [(InjRV (xv, #x), (Mul, a, b))]) K₂ y a b "Hfinisher" : verification.both_mapto_diff r K₁ ((InjRV (xv, #x), (Mul, a, b)) :: K₂) y a b -∗ verification.backward_inv ℓₓ r nᵣ e K₁ ((InjRV (xv, #x), (Mul, a, b)) :: K₂) y --------------------------------------∗ EWP update a ad;; update b bd <| Ψ |> {{ _, (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y }}
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]
w: val
K₂: context
y, xd: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ InjRV (xv, #x) .at (ϱ .{[ K₁ ++ [(InjRV (xv, #x), (Mul, a, b))]]}))
ad, bd: val

"Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) "Hxd" : implements xd s "Had" : implements ad ((ϱ .{[ K₁]}) b ×ᵣ s) "Hbd" : implements bd ((ϱ .{[ K₁]}) a ×ᵣ s) --------------------------------------□ "Hfinisher" : verification.both_mapto_diff r K₁ ((InjRV (xv, #x), (Mul, a, b)) :: K₂) y a b -∗ verification.backward_inv ℓₓ r nᵣ e K₁ ((InjRV (xv, #x), (Mul, a, b)) :: K₂) y --------------------------------------∗ v : val, (λ _ : val, verification.both_mapto_diff r K₁ ((InjRV (xv, #x), (Mul, a, b)) :: K₂) y a b) v ={⊤}=∗ (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]
w: val
K₂: context
y, xd: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ InjRV (xv, #x) .at (ϱ .{[ K₁ ++ [(InjRV (xv, #x), (Mul, a, b))]]}))
ad, bd: val

"Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) "Hxd" : implements xd s "Had" : implements ad ((ϱ .{[ K₁]}) b ×ᵣ s) "Hbd" : implements bd ((ϱ .{[ K₁]}) a ×ᵣ s) --------------------------------------□ "Hfinisher" : verification.both_mapto_diff r K₁ ((InjRV (xv, #x), (Mul, a, b)) :: K₂) y a b -∗ verification.backward_inv ℓₓ r nᵣ e K₁ ((InjRV (xv, #x), (Mul, a, b)) :: K₂) y "Hinv" : verification.both_mapto_diff r K₁ ((InjRV (xv, #x), (Mul, a, b)) :: K₂) y a b --------------------------------------∗ (K₂ : context) (y : val), verification.backward_inv ℓₓ r nᵣ e K₁ K₂ y
Σ: gFunctors
cgraphG0: cgraphG Σ
heapG0: heapG Σ
R: Set
RS: RingSig R
RA: IsRing R
N: Num
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
γ: gname
ℓₓ: loc
r: R
nᵣ: val
e: Expr ()
f: val
ϱ:= ((λ _ : val, r) .{[ a₀ := Oᵣ]}) .{[ a₁ := Iᵣ]}: val → R
K₁: context
k, a, b: val
el, er: Expr ()
av, bv: val
HND: NoDup (defs K₁ ++ [InjRV (nᵣ, #ℓₓ)])
Ha: a ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hb: b ∈ defs K₁ ++ [a₀; a₁; InjRV (nᵣ, #ℓₓ)]
Hdefs: a : val, a ∈ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)] → (v : val) ( : loc), a = InjRV (v, #ℓ)
xv: val
x: loc
Hx: v : val, InjRV (v, #x) ∉ defs K₁ ++ [InjRV (nᵣ, #ℓₓ)]
w: val
K₂: context
y, xd: val
s: R
Hs: s =ᵣ (∂ Let K₂ .in y ./ ∂ InjRV (xv, #x) .at (ϱ .{[ K₁ ++ [(InjRV (xv, #x), (Mul, a, b))]]}))
ad, bd: val

"Hav" : implements av ((ϱ .{[ K₁]}) a) "Hbv" : implements bv ((ϱ .{[ K₁]}) b) "Hxd" : implements xd s "Had" : implements ad ((ϱ .{[ K₁]}) b ×ᵣ s) "Hbd" : implements bd ((ϱ .{[ K₁]}) a ×ᵣ s) --------------------------------------□ "Hfinisher" : verification.both_mapto_diff r K₁ ((InjRV (xv, #x), (Mul, a, b)) :: K₂) y a b -∗ verification.backward_inv ℓₓ r nᵣ e K₁ ((InjRV (xv, #x), (Mul, a, b)) :: K₂) y "Hinv" : verification.both_mapto_diff r K₁ ((InjRV (xv, #x), (Mul, a, b)) :: K₂) y a b --------------------------------------∗ verification.backward_inv ℓₓ r nᵣ e K₁ ((?Goal, (Mul, a, b)) :: K₂) y
by iApply "Hfinisher". } } Qed. End proof_of_handle. Section proof_of_diff. Context `{R₁: !cgraphG Σ, R₂: !heapG Σ}.
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ

⊢ diff_spec
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ

⊢ diff_spec
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
f: Num → expr
e: Expr ()

"Hclient" : isExp f e --------------------------------------∗ isExp (diff f) (∂ e ./ ∂ () .at (λ _ : (), Xₑ))
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
f: Num → expr
e: Expr ()
N: Num

"Hclient" : isExp f e --------------------------------------∗ EWP diff f N <| ⊥ |> {{ vf, (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec N Ψ RS) (x : val) (r : R), implements x r -∗ EWP vf x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ e ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }} }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
f: Num → expr
e: Expr ()
N: Num

"Hclient" : isExp f e --------------------------------------∗ EWP let: "vf" := f ADNum in λ: "a", let: "x" := create "a" in handle "vf" "x";; get_diff "x" <| ⊥ |> {{ vf, (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec N Ψ RS) (x : val) (r : R), implements x r -∗ EWP vf x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ e ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }} }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
f: Num → expr
e: Expr ()
N: Num

"Hclient" : isExp f e --------------------------------------∗ EWP f ADNum <| ⊥ |> {{ v, EWP fill_item (AppRCtx (λ: "vf" "a", let: "x" := create "a" in handle "vf" "x";; get_diff "x")) v <| ⊥ |> {{ vf, (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec N Ψ RS) (x : val) (r : R), implements x r -∗ EWP vf x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜ s =ᵣ eval (map (λ _ : (), r) (∂ e ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }} }} }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
f: Num → expr
e: Expr ()
N: Num

"Hclient" : EWP f ADNum <| ⊥ |> {{ vf, (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec ADNum Ψ RS) (x : val) (r : R), implements x r -∗ EWP vf x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜ s =ᵣ eval (map (λ _ : (), r) e)⌝ }} }} --------------------------------------∗ EWP f ADNum <| ⊥ |> {{ v, EWP fill_item (AppRCtx (λ: "vf" "a", let: "x" := create "a" in handle "vf" "x";; get_diff "x")) v <| ⊥ |> {{ vf, (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec N Ψ RS) (x : val) (r : R), implements x r -∗ EWP vf x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜ s =ᵣ eval (map (λ _ : (), r) (∂ e ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }} }} }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
f: Num → expr
e: Expr ()
N: Num

--------------------------------------∗ v : val, ( (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec ADNum Ψ RS) (x : val) (r : R), implements x r -∗ EWP v x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) e)⌝ }}) ={⊤}=∗ EWP fill_item (AppRCtx (λ: "vf" "a", let: "x" := create "a" in handle "vf" "x";; get_diff "x")) v <| ⊥ |> {{ vf, (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec N Ψ RS) (x : val) (r : R), implements x r -∗ EWP vf x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ e ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }} }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
f: Num → expr
e: Expr ()
N: Num
vf: val

"Hvf" : (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec ADNum Ψ RS) (x : val) (r : R), implements x r -∗ EWP vf x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) e)⌝ }} --------------------------------------∗ |={⊤}=> EWP fill_item (AppRCtx (λ: "vf" "a", let: "x" := create "a" in handle "vf" "x";; get_diff "x")) vf <| ⊥ |> {{ vf, (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec N Ψ RS) (x : val) (r : R), implements x r -∗ EWP vf x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ e ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }} }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
f: Num → expr
e: Expr ()
N: Num
vf: val

"Hvf" : (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec ADNum Ψ RS) (x : val) (r : R), implements x r -∗ EWP vf x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) e)⌝ }} --------------------------------------∗ EWP fill_item (AppRCtx (λ: "vf" "a", let: "x" := create "a" in handle "vf" "x";; get_diff "x")) vf <| ⊥ |> {{ vf, (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec N Ψ RS) (x : val) (r : R), implements x r -∗ EWP vf x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ e ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }} }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
f: Num → expr
e: Expr ()
N: Num
vf: val

"Hvf" : (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec ADNum Ψ RS) (x : val) (r : R), implements x r -∗ EWP vf x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) e)⌝ }} --------------------------------------∗ EWP let: "vf" := vf in λ: "a", let: "x" := create "a" in handle "vf" "x";; get_diff "x" <| ⊥ |> {{ vf, (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec N Ψ RS) (x : val) (r : R), implements x r -∗ EWP vf x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ e ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }} }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
f: Num → expr
e: Expr ()
N: Num
vf: val

"Hvf" : (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec ADNum Ψ RS) (x : val) (r : R), implements x r -∗ EWP vf x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) e)⌝ }} --------------------------------------∗ (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec N Ψ RS) (x : val) (r : R), implements x r -∗ EWP (λ: "a", let: "x" := create "a" in handle vf "x";; get_diff "x")%V x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ e ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
f: Num → expr
e: Expr ()
N: Num
vf: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
x: val
r: R

"Hvf" : (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec ADNum Ψ RS) (x : val) (r : R), implements x r -∗ EWP vf x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) e)⌝ }} "Hx" : implements x r --------------------------------------∗ EWP (λ: "a", let: "x" := create "a" in handle vf "x";; get_diff "x")%V x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ e ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
f: Num → expr
e: Expr ()
N: Num
vf: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
x: val
r: R

"Hvf" : (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec ADNum Ψ RS) (x : val) (r : R), implements x r -∗ EWP vf x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) e)⌝ }} "Hx" : implements x r --------------------------------------∗ EWP let: "x" := create x in handle vf "x";; get_diff "x" <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ e ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
f: Num → expr
e: Expr ()
N: Num
vf: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
x: val
r: R

"Hvf" : (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec ADNum Ψ RS) (x : val) (r : R), implements x r -∗ EWP vf x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) e)⌝ }} "Hx" : implements x r --------------------------------------∗ EWP create x <| Ψ |> {{ v, EWP fill_item (AppRCtx (λ: "x", handle vf "x";; get_diff "x")) v <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ e ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }} }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
f: Num → expr
e: Expr ()
N: Num
vf: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
x: val
r: R

"Hvf" : (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec ADNum Ψ RS) (x : val) (r : R), implements x r -∗ EWP vf x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) e)⌝ }} "Hx" : implements x r --------------------------------------∗ v : val, (λ w : val, : loc, ⌜w = InjRV (x, #ℓ)⌝ ∗ ℓ ↦ nzero) v ={⊤}=∗ EWP fill_item (AppRCtx (λ: "x", handle vf "x";; get_diff "x")) v <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ e ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
f: Num → expr
e: Expr ()
N: Num
vf: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
x: val
r: R
ℓₓ': val

"Hvf" : (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec ADNum Ψ RS) (x : val) (r : R), implements x r -∗ EWP vf x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) e)⌝ }} "Hx" : implements x r "Hℓₓ" : : loc, ⌜ℓₓ' = InjRV (x, #ℓ)⌝ ∗ ℓ ↦ nzero --------------------------------------∗ EWP fill_item (AppRCtx (λ: "x", handle vf "x";; get_diff "x")) ℓₓ' <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ e ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
f: Num → expr
e: Expr ()
N: Num
vf: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
x: val
r: R
ℓₓ: loc

"Hvf" : (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec ADNum Ψ RS) (x : val) (r : R), implements x r -∗ EWP vf x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) e)⌝ }} "Hx" : implements x r "Hℓₓ" : ℓₓ ↦ nzero --------------------------------------∗ EWP fill_item (AppRCtx (λ: "x", handle vf "x";; get_diff "x")) (InjRV (x, #ℓₓ)) <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ e ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
f: Num → expr
e: Expr ()
N: Num
vf: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
x: val
r: R
ℓₓ: loc

"Hvf" : (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec ADNum Ψ RS) (x : val) (r : R), implements x r -∗ EWP vf x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) e)⌝ }} "Hx" : implements x r "Hℓₓ" : ℓₓ ↦ nzero --------------------------------------∗ EWP let: "x" := InjRV (x, #ℓₓ) in handle vf "x";; get_diff "x" <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ e ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
f: Num → expr
e: Expr ()
N: Num
vf: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
x: val
r: R
ℓₓ: loc

"Hvf" : (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec ADNum Ψ RS) (x : val) (r : R), implements x r -∗ EWP vf x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) e)⌝ }} "Hx" : implements x r "Hℓₓ" : ℓₓ ↦ nzero --------------------------------------∗ EWP handle vf (InjRV (x, #ℓₓ));; get_diff (InjRV (x, #ℓₓ)) <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ e ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
f: Num → expr
e: Expr ()
N: Num
vf: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
x: val
r: R
ℓₓ: loc

"Hvf" : (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec ADNum Ψ RS) (x : val) (r : R), implements x r -∗ EWP vf x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) e)⌝ }} "Hx" : implements x r "Hℓₓ" : ℓₓ ↦ nzero --------------------------------------∗ EWP handle vf (InjRV (x, #ℓₓ)) <| Ψ |> {{ v, EWP fill_item (AppRCtx (λ: <>, get_diff (InjRV (x, #ℓₓ)))) v <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ e ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }} }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
f: Num → expr
e: Expr ()
N: Num
vf: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
x: val
r: R
ℓₓ: loc

"Hvf" : (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec ADNum Ψ RS) (x : val) (r : R), implements x r -∗ EWP vf x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) e)⌝ }} "Hx" : implements x r "Hℓₓ" : ℓₓ ↦ nzero --------------------------------------∗ |={⊤}=> EWP handle vf (InjRV (x, #ℓₓ)) <| Ψ |> {{ v, EWP fill_item (AppRCtx (λ: <>, get_diff (InjRV (x, #ℓₓ)))) v <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ e ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }} }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
f: Num → expr
e: Expr ()
N: Num
vf: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
x: val
r: R
ℓₓ: loc
γ: gname

"Hvf" : (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec ADNum Ψ RS) (x : val) (r : R), implements x r -∗ EWP vf x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) e)⌝ }} "Hinv" : forward_inv γ ℓₓ r x [] --------------------------------------∗ |={⊤}=> EWP handle vf (InjRV (x, #ℓₓ)) <| Ψ |> {{ v, EWP fill_item (AppRCtx (λ: <>, get_diff (InjRV (x, #ℓₓ)))) v <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ e ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }} }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
f: Num → expr
e: Expr ()
N: Num
vf: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
x: val
r: R
ℓₓ: loc
γ: gname

"Hvf" : (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec ADNum Ψ RS) (x : val) (r : R), implements x r -∗ EWP vf x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) e)⌝ }} "Hinv" : forward_inv γ ℓₓ r x [] --------------------------------------∗ EWP handle vf (InjRV (x, #ℓₓ)) <| Ψ |> {{ v, EWP fill_item (AppRCtx (λ: <>, get_diff (InjRV (x, #ℓₓ)))) v <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ e ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }} }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
f: Num → expr
e: Expr ()
N: Num
vf: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
x: val
r: R
ℓₓ: loc
γ: gname
Ψ_client:= AD γ ℓₓ x: iEff Σ

"Hvf" : (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec ADNum Ψ RS) (x : val) (r : R), implements x r -∗ EWP vf x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) e)⌝ }} "Hinv" : forward_inv γ ℓₓ r x [] --------------------------------------∗ EWP handle vf (InjRV (x, #ℓₓ)) <| Ψ |> {{ v, EWP fill_item (AppRCtx (λ: <>, get_diff (InjRV (x, #ℓₓ)))) v <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ e ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }} }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
f: Num → expr
e: Expr ()
N: Num
vf: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
x: val
r: R
ℓₓ: loc
γ: gname
Ψ_client:= AD γ ℓₓ x: iEff Σ
NSpec_client:= ADNumSpec γ ℓₓ x: NumSpec ADNum (AD γ ℓₓ x) (ExprRing ())

"Hvf" : (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec ADNum Ψ RS) (x : val) (r : R), implements x r -∗ EWP vf x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) e)⌝ }} "Hinv" : forward_inv γ ℓₓ r x [] --------------------------------------∗ EWP handle vf (InjRV (x, #ℓₓ)) <| Ψ |> {{ v, EWP fill_item (AppRCtx (λ: <>, get_diff (InjRV (x, #ℓₓ)))) v <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ e ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }} }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
f: Num → expr
e: Expr ()
N: Num
vf: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
x: val
r: R
ℓₓ: loc
γ: gname
Ψ_client:= AD γ ℓₓ x: iEff Σ
NSpec_client:= ADNumSpec γ ℓₓ x: NumSpec ADNum (AD γ ℓₓ x) (ExprRing ())
aₓ:= InjRV (x, #ℓₓ): val

"Hvf" : (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec ADNum Ψ RS) (x : val) (r : R), implements x r -∗ EWP vf x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) e)⌝ }} "Hinv" : forward_inv γ ℓₓ r x [] --------------------------------------∗ EWP handle vf aₓ <| Ψ |> {{ v, EWP fill_item (AppRCtx (λ: <>, get_diff aₓ)) v <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ e ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }} }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
f: Num → expr
e: Expr ()
N: Num
vf: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
x: val
r: R
ℓₓ: loc
γ: gname
Ψ_client:= AD γ ℓₓ x: iEff Σ
NSpec_client:= ADNumSpec γ ℓₓ x: NumSpec ADNum (AD γ ℓₓ x) (ExprRing ())
aₓ:= InjRV (x, #ℓₓ): val

"Hvf" : (Ψ : iEff Σ) (NSpec : NumSpec ADNum Ψ (ExprRing ())) (x : val) (r : Expr ()), implements x r -∗ EWP vf x <| Ψ |> {{ y, s : Expr (), implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) e)⌝ }} "Hinv" : forward_inv γ ℓₓ r x [] --------------------------------------∗ EWP handle vf aₓ <| Ψ |> {{ v, EWP fill_item (AppRCtx (λ: <>, get_diff aₓ)) v <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ e ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }} }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
f: Num → expr
e: Expr ()
N: Num
vf: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
x: val
r: R
ℓₓ: loc
γ: gname
Ψ_client:= AD γ ℓₓ x: iEff Σ
NSpec_client:= ADNumSpec γ ℓₓ x: NumSpec ADNum (AD γ ℓₓ x) (ExprRing ())
aₓ:= InjRV (x, #ℓₓ): val

"Hinv" : forward_inv γ ℓₓ r x [] "Hvf" : EWP vf aₓ <| Ψ_client |> {{ y, s : Expr (), implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), Xₑ) e)⌝ }} --------------------------------------∗ EWP handle vf aₓ <| Ψ |> {{ v, EWP fill_item (AppRCtx (λ: <>, get_diff aₓ)) v <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ e ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }} }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
f: Num → expr
e: Expr ()
N: Num
vf: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
x: val
r: R
ℓₓ: loc
γ: gname
Ψ_client:= AD γ ℓₓ x: iEff Σ
NSpec_client:= ADNumSpec γ ℓₓ x: NumSpec ADNum (AD γ ℓₓ x) (ExprRing ())
aₓ:= InjRV (x, #ℓₓ): val

"Hinv" : forward_inv γ ℓₓ r x [] "Hvf" : EWP vf aₓ <| Ψ_client |> {{ y, s : Expr (), implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), Xₑ) e)⌝ }} --------------------------------------∗ EWP handle vf aₓ <| Ψ |> {{ v, ?Goal v }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
f: Num → expr
e: Expr ()
N: Num
vf: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
x: val
r: R
ℓₓ: loc
γ: gname
Ψ_client:= AD γ ℓₓ x: iEff Σ
NSpec_client:= ADNumSpec γ ℓₓ x: NumSpec ADNum (AD γ ℓₓ x) (ExprRing ())
aₓ:= InjRV (x, #ℓₓ): val
--------------------------------------∗ v : val, ?Goal v ={⊤}=∗ EWP fill_item (AppRCtx (λ: <>, get_diff aₓ)) v <| Ψ |> {{ y, s : R, implements y s ∗ ⌜ s =ᵣ eval (map (λ _ : (), r) (∂ e ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
f: Num → expr
e: Expr ()
N: Num
vf: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
x: val
r: R
ℓₓ: loc
γ: gname
Ψ_client:= AD γ ℓₓ x: iEff Σ
NSpec_client:= ADNumSpec γ ℓₓ x: NumSpec ADNum (AD γ ℓₓ x) (ExprRing ())
aₓ:= InjRV (x, #ℓₓ): val

"Hinv" : forward_inv γ ℓₓ r x [] "Hvf" : EWP vf aₓ <| Ψ_client |> {{ y, s : Expr (), implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), Xₑ) e)⌝ }} --------------------------------------∗ EWP handle vf aₓ <| Ψ |> {{ v, ?Goal v }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
f: Num → expr
e: Expr ()
N: Num
vf: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
x: val
r: R
ℓₓ: loc
γ: gname
Ψ_client:= AD γ ℓₓ x: iEff Σ
NSpec_client:= ADNumSpec γ ℓₓ x: NumSpec ADNum (AD γ ℓₓ x) (ExprRing ())
aₓ:= InjRV (x, #ℓₓ): val

"Hvf" : EWP vf aₓ <| Ψ_client |> {{ y, s : Expr (), implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), Xₑ) e)⌝ }} --------------------------------------∗ EWP vf (InjRV (x, #ℓₓ)) <| AD γ ℓₓ x |> {{ y, s : Expr (), represents γ ℓₓ x y s ∗ ⌜?Goal0 =ₑ s⌝ }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
f: Num → expr
e: Expr ()
N: Num
vf: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
x: val
r: R
ℓₓ: loc
γ: gname
Ψ_client:= AD γ ℓₓ x: iEff Σ
NSpec_client:= ADNumSpec γ ℓₓ x: NumSpec ADNum (AD γ ℓₓ x) (ExprRing ())
aₓ:= InjRV (x, #ℓₓ): val

--------------------------------------∗ v : val, ( s : Expr (), implements v s ∗ ⌜s =ᵣ eval (map (λ _ : (), Xₑ) e)⌝) ={⊤}=∗ s : Expr (), represents γ ℓₓ x v s ∗ ⌜?Goal0 =ₑ s⌝
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
f: Num → expr
e: Expr ()
N: Num
vf: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
x: val
r: R
ℓₓ: loc
γ: gname
Ψ_client:= AD γ ℓₓ x: iEff Σ
NSpec_client:= ADNumSpec γ ℓₓ x: NumSpec ADNum (AD γ ℓₓ x) (ExprRing ())
aₓ:= InjRV (x, #ℓₓ): val
y: val

--------------------------------------∗ ( s : Expr (), implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), Xₑ) e)⌝) ={⊤}=∗ s : Expr (), represents γ ℓₓ x y s ∗ ⌜?Goal0 =ₑ s⌝
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
f: Num → expr
e: Expr ()
N: Num
vf: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
x: val
r: R
ℓₓ: loc
γ: gname
Ψ_client:= AD γ ℓₓ x: iEff Σ
NSpec_client:= ADNumSpec γ ℓₓ x: NumSpec ADNum (AD γ ℓₓ x) (ExprRing ())
aₓ:= InjRV (x, #ℓₓ): val
y: val
s: Expr ()
H: s =ᵣ eval (map (λ _ : (), Xₑ) e)

"Hs" : implements y s --------------------------------------∗ |={⊤}=> s : Expr (), represents γ ℓₓ x y s ∗ ⌜?Goal0 =ₑ s⌝
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
f: Num → expr
e: Expr ()
N: Num
vf: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
x: val
r: R
ℓₓ: loc
γ: gname
Ψ_client:= AD γ ℓₓ x: iEff Σ
NSpec_client:= ADNumSpec γ ℓₓ x: NumSpec ADNum (AD γ ℓₓ x) (ExprRing ())
aₓ:= InjRV (x, #ℓₓ): val
y: val
s: Expr ()
He: s =ᵣ eval (map (λ _ : (), Xₑ) e)

"Hs" : implements y s --------------------------------------∗ |={⊤}=> s : Expr (), represents γ ℓₓ x y s ∗ ⌜?Goal0 =ₑ s⌝
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
f: Num → expr
e: Expr ()
N: Num
vf: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
x: val
r: R
ℓₓ: loc
γ: gname
Ψ_client:= AD γ ℓₓ x: iEff Σ
NSpec_client:= ADNumSpec γ ℓₓ x: NumSpec ADNum (AD γ ℓₓ x) (ExprRing ())
aₓ:= InjRV (x, #ℓₓ): val
y: val
s: Expr ()
He: s =ᵣ eval (map (λ _ : (), Xₑ) e)

"Hs" : implements y s --------------------------------------∗ s : Expr (), represents γ ℓₓ x y s ∗ ⌜?Goal0 =ₑ s⌝
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
f: Num → expr
e: Expr ()
N: Num
vf: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
x: val
r: R
ℓₓ: loc
γ: gname
Ψ_client:= AD γ ℓₓ x: iEff Σ
NSpec_client:= ADNumSpec γ ℓₓ x: NumSpec ADNum (AD γ ℓₓ x) (ExprRing ())
aₓ:= InjRV (x, #ℓₓ): val
y: val
s: Expr ()
He: s =ᵣ eval (map (λ _ : (), Xₑ) e)

"Hs" : implements y s --------------------------------------∗ represents γ ℓₓ x y s ∗ ⌜?Goal0 =ₑ s⌝
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
f: Num → expr
e: Expr ()
N: Num
vf: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
x: val
r: R
ℓₓ: loc
γ: gname
Ψ_client:= AD γ ℓₓ x: iEff Σ
NSpec_client:= ADNumSpec γ ℓₓ x: NumSpec ADNum (AD γ ℓₓ x) (ExprRing ())
aₓ:= InjRV (x, #ℓₓ): val
y: val
s: Expr ()
He: s =ᵣ eval (map (λ _ : (), Xₑ) e)

--------------------------------------∗ ⌜?Goal0 =ₑ s⌝
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
f: Num → expr
e: Expr ()
N: Num
vf: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
x: val
r: R
ℓₓ: loc
γ: gname
Ψ_client:= AD γ ℓₓ x: iEff Σ
NSpec_client:= ADNumSpec γ ℓₓ x: NumSpec ADNum (AD γ ℓₓ x) (ExprRing ())
aₓ:= InjRV (x, #ℓₓ): val
y: val
s: Expr ()
He: s =ᵣ eval (map (λ _ : (), Xₑ) e)

?Goal0 =ₑ s
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
f: Num → expr
e: Expr ()
N: Num
vf: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
x: val
r: R
ℓₓ: loc
γ: gname
Ψ_client:= AD γ ℓₓ x: iEff Σ
NSpec_client:= ADNumSpec γ ℓₓ x: NumSpec ADNum (AD γ ℓₓ x) (ExprRing ())
aₓ:= InjRV (x, #ℓₓ): val
y: val
s: Expr ()
He: s =ᵣ eval (map (λ _ : (), Xₑ) e)

s =ₑ ?y
by apply He.
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
f: Num → expr
e: Expr ()
N: Num
vf: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
x: val
r: R
ℓₓ: loc
γ: gname
Ψ_client:= AD γ ℓₓ x: iEff Σ
NSpec_client:= ADNumSpec γ ℓₓ x: NumSpec ADNum (AD γ ℓₓ x) (ExprRing ())
aₓ:= InjRV (x, #ℓₓ): val

--------------------------------------∗ v : val, (λ _ : val, (K₂ : context) (y : val), backward_inv ℓₓ r x (eval (map (λ _ : (), Xₑ) e)) [] K₂ y) v ={⊤}=∗ EWP fill_item (AppRCtx (λ: <>, get_diff aₓ)) v <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ e ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
f: Num → expr
e: Expr ()
N: Num
vf: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
x: val
r: R
ℓₓ: loc
γ: gname
Ψ_client:= AD γ ℓₓ x: iEff Σ
NSpec_client:= ADNumSpec γ ℓₓ x: NumSpec ADNum (AD γ ℓₓ x) (ExprRing ())
aₓ:= InjRV (x, #ℓₓ): val
w: val

--------------------------------------∗ ( (K₂ : context) (y : val), backward_inv ℓₓ r x (eval (map (λ _ : (), Xₑ) e)) [] K₂ y) ={⊤}=∗ EWP fill_item (AppRCtx (λ: <>, get_diff aₓ)) w <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ e ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
f: Num → expr
e: Expr ()
N: Num
vf: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
x: val
r: R
ℓₓ: loc
γ: gname
Ψ_client:= AD γ ℓₓ x: iEff Σ
NSpec_client:= ADNumSpec γ ℓₓ x: NumSpec ADNum (AD γ ℓₓ x) (ExprRing ())
aₓ:= InjRV (x, #ℓₓ): val
w: val
K: context
y: val

"Hinv" : backward_inv ℓₓ r x (eval (map (λ _ : (), Xₑ) e)) [] K y --------------------------------------∗ |={⊤}=> EWP fill_item (AppRCtx (λ: <>, get_diff aₓ)) w <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ e ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
f: Num → expr
e: Expr ()
N: Num
vf: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
x: val
r: R
ℓₓ: loc
γ: gname
Ψ_client:= AD γ ℓₓ x: iEff Σ
NSpec_client:= ADNumSpec γ ℓₓ x: NumSpec ADNum (AD γ ℓₓ x) (ExprRing ())
aₓ:= InjRV (x, #ℓₓ): val
w: val
K: context
y: val

"Hinv" : backward_inv ℓₓ r x (eval (map (λ _ : (), Xₑ) e)) [] K y --------------------------------------∗ EWP fill_item (AppRCtx (λ: <>, get_diff aₓ)) w <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ e ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
f: Num → expr
e: Expr ()
N: Num
vf: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
x: val
r: R
ℓₓ: loc
γ: gname
Ψ_client:= AD γ ℓₓ x: iEff Σ
NSpec_client:= ADNumSpec γ ℓₓ x: NumSpec ADNum (AD γ ℓₓ x) (ExprRing ())
aₓ:= InjRV (x, #ℓₓ): val
w: val
K: context
y: val

"Hinv" : backward_inv ℓₓ r x (eval (map (λ _ : (), Xₑ) e)) [] K y --------------------------------------∗ EWP w;; get_diff aₓ <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ e ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
f: Num → expr
e: Expr ()
N: Num
vf: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
x: val
r: R
ℓₓ: loc
γ: gname
Ψ_client:= AD γ ℓₓ x: iEff Σ
NSpec_client:= ADNumSpec γ ℓₓ x: NumSpec ADNum (AD γ ℓₓ x) (ExprRing ())
aₓ:= InjRV (x, #ℓₓ): val
w: val
K: context
y: val
H: (∂ eval (map (λ _ : (), Xₑ) e) ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let [] ++ K .in y ./ ∂ InjRV (x, #ℓₓ) .at (((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}))

"Hheap" : [∗ list] u ∈ (defs [] ++ [InjRV (x, #ℓₓ)]), (v : val) ( : loc), mapsto_diff r [] K y u ∗ ⌜u = InjRV (v, #ℓ)⌝ --------------------------------------∗ EWP w;; get_diff aₓ <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ e ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
f: Num → expr
e: Expr ()
N: Num
vf: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
x: val
r: R
ℓₓ: loc
γ: gname
Ψ_client:= AD γ ℓₓ x: iEff Σ
NSpec_client:= ADNumSpec γ ℓₓ x: NumSpec ADNum (AD γ ℓₓ x) (ExprRing ())
aₓ:= InjRV (x, #ℓₓ): val
w: val
K: context
y: val
Hdiff_output: (∂ eval (map (λ _ : (), Xₑ) e) ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let [] ++ K .in y ./ ∂ InjRV (x, #ℓₓ) .at (((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}))

"Hheap" : [∗ list] u ∈ (defs [] ++ [InjRV (x, #ℓₓ)]), (v : val) ( : loc), mapsto_diff r [] K y u ∗ ⌜u = InjRV (v, #ℓ)⌝ --------------------------------------∗ EWP w;; get_diff aₓ <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ e ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
f: Num → expr
e: Expr ()
N: Num
vf: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
x: val
r: R
ℓₓ: loc
γ: gname
Ψ_client:= AD γ ℓₓ x: iEff Σ
NSpec_client:= ADNumSpec γ ℓₓ x: NumSpec ADNum (AD γ ℓₓ x) (ExprRing ())
aₓ:= InjRV (x, #ℓₓ): val
w: val
K: context
y: val
Hdiff_output: (∂ eval (map (λ _ : (), Xₑ) e) ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let [] ++ K .in y ./ ∂ InjRV (x, #ℓₓ) .at (((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}))

"Hx" : (v : val) ( : loc), mapsto_diff r [] K y (InjRV (x, #ℓₓ)) ∗ ⌜InjRV (x, #ℓₓ) = InjRV (v, #ℓ)⌝ --------------------------------------∗ EWP w;; get_diff aₓ <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ e ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
f: Num → expr
e: Expr ()
N: Num
vf: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
x: val
r: R
ℓₓ: loc
γ: gname
Ψ_client:= AD γ ℓₓ x: iEff Σ
NSpec_client:= ADNumSpec γ ℓₓ x: NumSpec ADNum (AD γ ℓₓ x) (ExprRing ())
aₓ:= InjRV (x, #ℓₓ): val
w: val
K: context
y: val
Hdiff_output: (∂ eval (map (λ _ : (), Xₑ) e) ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let [] ++ K .in y ./ ∂ InjRV (x, #ℓₓ) .at (((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}))
v: val
: loc
H: InjRV (x, #ℓₓ) = InjRV (v, #ℓ)

"Hx" : mapsto_diff r [] K y (InjRV (x, #ℓₓ)) --------------------------------------∗ EWP w;; get_diff aₓ <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ e ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
f: Num → expr
e: Expr ()
N: Num
vf: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
r: R
γ: gname
: loc
v: val
Ψ_client:= AD γ ℓ v: iEff Σ
NSpec_client:= ADNumSpec γ ℓ v: NumSpec ADNum (AD γ ℓ v) (ExprRing ())
aₓ:= InjRV (v, #ℓ): val
w: val
K: context
y: val
Hdiff_output: (∂ eval (map (λ _ : (), Xₑ) e) ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let [] ++ K .in y ./ ∂ InjRV (v, #ℓ) .at (((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}))

"Hx" : mapsto_diff r [] K y (InjRV (v, #ℓ)) --------------------------------------∗ EWP w;; get_diff aₓ <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ e ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
f: Num → expr
e: Expr ()
N: Num
vf: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
r: R
γ: gname
: loc
v: val
Ψ_client:= AD γ ℓ v: iEff Σ
NSpec_client:= ADNumSpec γ ℓ v: NumSpec ADNum (AD γ ℓ v) (ExprRing ())
aₓ:= InjRV (v, #ℓ): val
w: val
K: context
y: val
Hdiff_output: (∂ eval (map (λ _ : (), Xₑ) e) ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let [] ++ K .in y ./ ∂ InjRV (v, #ℓ) .at (((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}))

"Hx" : mapsto_diff r [] K y aₓ --------------------------------------∗ EWP w;; get_diff aₓ <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ e ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
f: Num → expr
e: Expr ()
N: Num
vf: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
r: R
γ: gname
: loc
v: val
Ψ_client:= AD γ ℓ v: iEff Σ
NSpec_client:= ADNumSpec γ ℓ v: NumSpec ADNum (AD γ ℓ v) (ExprRing ())
aₓ:= InjRV (v, #ℓ): val
w: val
K: context
y: val
Hdiff_output: (∂ eval (map (λ _ : (), Xₑ) e) ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let [] ++ K .in y ./ ∂ InjRV (v, #ℓ) .at (((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}))

"Hx" : mapsto_diff r [] K y aₓ --------------------------------------∗ EWP get_diff aₓ <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ e ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
f: Num → expr
e: Expr ()
N: Num
vf: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
r: R
γ: gname
: loc
v: val
Ψ_client:= AD γ ℓ v: iEff Σ
NSpec_client:= ADNumSpec γ ℓ v: NumSpec ADNum (AD γ ℓ v) (ExprRing ())
aₓ:= InjRV (v, #ℓ): val
w: val
K: context
y: val
Hdiff_output: (∂ eval (map (λ _ : (), Xₑ) e) ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let [] ++ K .in y ./ ∂ InjRV (v, #ℓ) .at (((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}))

--------------------------------------∗ v : val, (λ d : val, mapsto_diff r [] K y aₓ ∗ ( s : R, implements d s ∗ ⌜s =ᵣ (∂ Let K .in y ./ ∂ aₓ .at ((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ []]}))⌝)) v ={⊤}=∗ s : R, implements v s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ e ./ ∂ tt .at (λ _ : (), Xₑ)))⌝
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
f: Num → expr
e: Expr ()
N: Num
vf: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
r: R
γ: gname
: loc
v: val
Ψ_client:= AD γ ℓ v: iEff Σ
NSpec_client:= ADNumSpec γ ℓ v: NumSpec ADNum (AD γ ℓ v) (ExprRing ())
aₓ:= InjRV (v, #ℓ): val
w: val
K: context
y: val
Hdiff_output: (∂ eval (map (λ _ : (), Xₑ) e) ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let [] ++ K .in y ./ ∂ InjRV (v, #ℓ) .at (((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}))
d: val

--------------------------------------∗ mapsto_diff r [] K y aₓ ∗ ( s : R, implements d s ∗ ⌜s =ᵣ (∂ Let K .in y ./ ∂ aₓ .at ((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ []]}))⌝) ={⊤}=∗ s : R, implements d s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ e ./ ∂ tt .at (λ _ : (), Xₑ)))⌝
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
f: Num → expr
e: Expr ()
N: Num
vf: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
r: R
γ: gname
: loc
v: val
Ψ_client:= AD γ ℓ v: iEff Σ
NSpec_client:= ADNumSpec γ ℓ v: NumSpec ADNum (AD γ ℓ v) (ExprRing ())
aₓ:= InjRV (v, #ℓ): val
w: val
K: context
y: val
Hdiff_output: (∂ eval (map (λ _ : (), Xₑ) e) ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let [] ++ K .in y ./ ∂ InjRV (v, #ℓ) .at (((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}))
d: val

"Hd" : s : R, implements d s ∗ ⌜s =ᵣ (∂ Let K .in y ./ ∂ aₓ .at ((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ []]}))⌝ --------------------------------------∗ s : R, implements d s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ e ./ ∂ tt .at (λ _ : (), Xₑ)))⌝
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
f: Num → expr
e: Expr ()
N: Num
vf: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
r: R
γ: gname
: loc
v: val
Ψ_client:= AD γ ℓ v: iEff Σ
NSpec_client:= ADNumSpec γ ℓ v: NumSpec ADNum (AD γ ℓ v) (ExprRing ())
aₓ:= InjRV (v, #ℓ): val
w: val
K: context
y: val
Hdiff_output: (∂ eval (map (λ _ : (), Xₑ) e) ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let [] ++ K .in y ./ ∂ InjRV (v, #ℓ) .at (((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}))
d: val
s: R
H: s =ᵣ (∂ Let K .in y ./ ∂ aₓ .at ((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ []]}))

"Hs" : implements d s --------------------------------------∗ s : R, implements d s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ e ./ ∂ tt .at (λ _ : (), Xₑ)))⌝
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
f: Num → expr
e: Expr ()
N: Num
vf: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
r: R
γ: gname
: loc
v: val
Ψ_client:= AD γ ℓ v: iEff Σ
NSpec_client:= ADNumSpec γ ℓ v: NumSpec ADNum (AD γ ℓ v) (ExprRing ())
aₓ:= InjRV (v, #ℓ): val
w: val
K: context
y: val
Hdiff_output: (∂ eval (map (λ _ : (), Xₑ) e) ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let [] ++ K .in y ./ ∂ InjRV (v, #ℓ) .at (((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}))
d: val
s: R
H: s =ᵣ (∂ Let K .in y ./ ∂ aₓ .at ((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ []]}))

"Hs" : implements d s --------------------------------------∗ implements d s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ e ./ ∂ tt .at (λ _ : (), Xₑ)))⌝
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
f: Num → expr
e: Expr ()
N: Num
vf: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
r: R
γ: gname
: loc
v: val
Ψ_client:= AD γ ℓ v: iEff Σ
NSpec_client:= ADNumSpec γ ℓ v: NumSpec ADNum (AD γ ℓ v) (ExprRing ())
aₓ:= InjRV (v, #ℓ): val
w: val
K: context
y: val
Hdiff_output: (∂ eval (map (λ _ : (), Xₑ) e) ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let [] ++ K .in y ./ ∂ InjRV (v, #ℓ) .at (((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}))
d: val
s: R
H: s =ᵣ (∂ Let K .in y ./ ∂ aₓ .at ((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ []]}))

--------------------------------------∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ e ./ ∂ tt .at (λ _ : (), Xₑ)))⌝
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
f: Num → expr
e: Expr ()
N: Num
vf: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
r: R
γ: gname
: loc
v: val
Ψ_client:= AD γ ℓ v: iEff Σ
NSpec_client:= ADNumSpec γ ℓ v: NumSpec ADNum (AD γ ℓ v) (ExprRing ())
aₓ:= InjRV (v, #ℓ): val
w: val
K: context
y: val
Hdiff_output: (∂ eval (map (λ _ : (), Xₑ) e) ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let [] ++ K .in y ./ ∂ InjRV (v, #ℓ) .at (((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}))
d: val
s: R
H: s =ᵣ (∂ Let K .in y ./ ∂ aₓ .at ((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ []]}))

s =ᵣ eval (map (λ _ : (), r) (∂ e ./ ∂ () .at (λ _ : (), Xₑ)))
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
f: Num → expr
e: Expr ()
N: Num
vf: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
r: R
γ: gname
: loc
v: val
Ψ_client:= AD γ ℓ v: iEff Σ
NSpec_client:= ADNumSpec γ ℓ v: NumSpec ADNum (AD γ ℓ v) (ExprRing ())
aₓ:= InjRV (v, #ℓ): val
w: val
K: context
y, d: val
s: R
H: s =ᵣ (∂ Let K .in y ./ ∂ aₓ .at ((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ []]}))
Hdiff_output: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let [] ++ K .in y ./ ∂ InjRV (v, #ℓ) .at (((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}))

s =ᵣ eval (map (λ _ : (), r) (∂ e ./ ∂ () .at (λ _ : (), Xₑ)))
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
f: Num → expr
e: Expr ()
N: Num
vf: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
r: R
γ: gname
: loc
v: val
Ψ_client:= AD γ ℓ v: iEff Σ
NSpec_client:= ADNumSpec γ ℓ v: NumSpec ADNum (AD γ ℓ v) (ExprRing ())
aₓ:= InjRV (v, #ℓ): val
w: val
K: context
y, d: val
s: R
H: s =ᵣ (∂ Let K .in y ./ ∂ aₓ .at ((((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}) .{[ []]}))
Hdiff_output: (∂ e ./ ∂ () .at (λ _ : (), r)) =ᵣ (∂ Let [] ++ K .in y ./ ∂ InjRV (v, #ℓ) .at (((λ _ : val, r) .{[ InjLV (InjLV #()) := Oᵣ]}) .{[ InjLV (InjRV #()) := Iᵣ]}))

s =ᵣ (∂ e ./ ∂ () .at (λ _ : (), r))
by rewrite Hdiff_output. Qed. End proof_of_diff.
Ignoring canonical projection to discrete_ofe_mixin by ofe_mixin in nodeO: redundant with fracO [redundant-canonical-projection,typechecker]
Ignoring canonical projection to discrete_dist by ofe_dist in nodeO: redundant with fracO [redundant-canonical-projection,typechecker]
Ignoring canonical projection to equivL by ofe_equiv in nodeO: redundant with fracO [redundant-canonical-projection,typechecker]
(** * Clients. *) (** We have proved that [diff] satisfies a given specification. Now, we implement some clients of [diff] to see what kind of results we can derive from that. *) Section clients. (* First, we provide a concrete implementation of integers. (Integers are unbounded in our calculus.) This will unlock the derivation functionality where arithmetical operators are interpreted as the standard addition and multiplication on integers. *) Section ring_of_integers. Context `{!irisG eff_lang Σ}. Program Instance ZNum : Num := { nzero := #0%Z; none := #1%Z; nadd := (λ: "a" "b", "a" + "b")%V; nmul := (λ: "a" "b", "a" * "b")%V; }. Program Instance ZNumSpec : NumSpec ZNum ⊥%ieff ZRing := { implements := λ v n, ⌜ v = #n ⌝%I; }. (* Implements Oᵣ. *)
Σ: gFunctors
irisG0: irisG eff_lang Σ

⊢ (λ (v : val) (n : Z), ⌜v = #n⌝) nzero (Oᵣ)
auto. Qed. (* Implements Iᵣ. *)
Σ: gFunctors
irisG0: irisG eff_lang Σ

⊢ (λ (v : val) (n : Z), ⌜v = #n⌝) none (Iᵣ)
auto. Qed. (* Implements +ᵣ. *)
Σ: gFunctors
irisG0: irisG eff_lang Σ

(E : coPset) (a b : val) (r s : Z), (λ (v : val) (n : Z), ⌜v = #n⌝) a r -∗ (λ (v : val) (n : Z), ⌜v = #n⌝) b s -∗ EWP nadd a b @ E <| ⊥ |> {{ x, (λ (v : val) (n : Z), ⌜v = #n⌝) x (r +ᵣ s) }}
Σ: gFunctors
irisG0: irisG eff_lang Σ
E: coPset
r, s: Z

--------------------------------------∗ EWP nadd #r #s @ E <| ⊥ |> {{ x, ⌜x = #(r +ᵣ s)⌝ }}
by ewp_pure_steps. Qed. (* Implements ×ᵣ. *)
Σ: gFunctors
irisG0: irisG eff_lang Σ

(E : coPset) (a b : val) (r s : Z), (λ (v : val) (n : Z), ⌜v = #n⌝) a r -∗ (λ (v : val) (n : Z), ⌜v = #n⌝) b s -∗ EWP nmul a b @ E <| ⊥ |> {{ x, (λ (v : val) (n : Z), ⌜v = #n⌝) x (r ×ᵣ s) }}
Σ: gFunctors
irisG0: irisG eff_lang Σ
E: coPset
r, s: Z

--------------------------------------∗ EWP nmul #r #s @ E <| ⊥ |> {{ x, ⌜x = #(r ×ᵣ s)⌝ }}
by ewp_pure_steps. Qed. End ring_of_integers. Section x_cube. Context `{R₁: !cgraphG Σ, R₂: !heapG Σ}. Definition x_cube (N : Num) : val := λ: "x", nmul "x" (nmul "x" "x").
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ

⊢ isExp (λ N : Num, x_cube N) ((Xₑ) ×ₑ ((Xₑ) ×ₑ (Xₑ)))
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ

⊢ isExp (λ N : Num, x_cube N) ((Xₑ) ×ₑ ((Xₑ) ×ₑ (Xₑ)))
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
N: Num

--------------------------------------∗ EWP x_cube N <| ⊥ |> {{ vf, (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec N Ψ RS) (x : val) (r : R), implements x r -∗ EWP vf x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) ((Xₑ) ×ₑ ((Xₑ) ×ₑ (Xₑ))))⌝ }} }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
N: Num

--------------------------------------∗ (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec N Ψ RS) (x : val) (r : R), implements x r -∗ EWP x_cube N x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) ((Xₑ) ×ₑ ((Xₑ) ×ₑ (Xₑ))))⌝ }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
N: Num
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
x: val
r: R

"Hx" : implements x r --------------------------------------□ EWP x_cube N x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) ((Xₑ) ×ₑ ((Xₑ) ×ₑ (Xₑ))))⌝ }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
N: Num
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
x: val
r: R

"Hx" : implements x r --------------------------------------□ EWP (λ: "x", nmul "x" (nmul "x" "x"))%V x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) ((Xₑ) ×ₑ ((Xₑ) ×ₑ (Xₑ))))⌝ }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
N: Num
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
x: val
r: R

"Hx" : implements x r --------------------------------------□ EWP nmul x (nmul x x) <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ r ×ᵣ (r ×ᵣ r)⌝ }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
N: Num
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
x: val
r: R

"Hx" : implements x r --------------------------------------□ EWP nmul x x <| Ψ |> {{ v, EWP fill_item (AppRCtx (nmul x)) v <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ r ×ᵣ (r ×ᵣ r)⌝ }} }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
N: Num
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
x: val
r: R

"Hx" : implements x r --------------------------------------□ v : val, (λ x : val, implements x (r ×ᵣ r)) v ={⊤}=∗ EWP fill_item (AppRCtx (nmul x)) v <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ r ×ᵣ (r ×ᵣ r)⌝ }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
N: Num
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
x: val
r: R
y: val

"Hx" : implements x r "Hy" : implements y (r ×ᵣ r) --------------------------------------□ |={⊤}=> EWP fill_item (AppRCtx (nmul x)) y <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ r ×ᵣ (r ×ᵣ r)⌝ }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
N: Num
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
x: val
r: R
y: val

"Hx" : implements x r "Hy" : implements y (r ×ᵣ r) --------------------------------------□ EWP fill_item (AppRCtx (nmul x)) y <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ r ×ᵣ (r ×ᵣ r)⌝ }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
N: Num
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
x: val
r: R
y: val

"Hx" : implements x r "Hy" : implements y (r ×ᵣ r) --------------------------------------□ EWP nmul x y <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ r ×ᵣ (r ×ᵣ r)⌝ }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
N: Num
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
x: val
r: R
y: val

"Hx" : implements x r "Hy" : implements y (r ×ᵣ r) --------------------------------------□ v : val, (λ x : val, implements x (r ×ᵣ (r ×ᵣ r))) v ={⊤}=∗ s : R, implements v s ∗ ⌜s =ᵣ r ×ᵣ (r ×ᵣ r)⌝
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
N: Num
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
x: val
r: R
y, z: val

"Hx" : implements x r "Hy" : implements y (r ×ᵣ r) --------------------------------------□ "Hz" : implements z (r ×ᵣ (r ×ᵣ r)) --------------------------------------∗ |={⊤}=> s : R, implements z s ∗ ⌜s =ᵣ r ×ᵣ (r ×ᵣ r)⌝
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
N: Num
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
x: val
r: R
y, z: val

"Hx" : implements x r "Hy" : implements y (r ×ᵣ r) --------------------------------------□ "Hz" : implements z (r ×ᵣ (r ×ᵣ r)) --------------------------------------∗ s : R, implements z s ∗ ⌜s =ᵣ r ×ᵣ (r ×ᵣ r)⌝
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
N: Num
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec N Ψ RS
x: val
r: R
y, z: val

"Hx" : implements x r "Hy" : implements y (r ×ᵣ r) --------------------------------------□ "Hz" : implements z (r ×ᵣ (r ×ᵣ r)) --------------------------------------∗ implements z (r ×ᵣ (r ×ᵣ r)) ∗ ⌜r ×ᵣ (r ×ᵣ r) =ᵣ r ×ᵣ (r ×ᵣ r)⌝
by iFrame. Qed.
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ

⊢ isExp (diff (λ N : Num, x_cube N)) (∂ (Xₑ) ×ₑ ((Xₑ) ×ₑ (Xₑ)) ./ ∂ () .at (λ _ : (), Xₑ))
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ

⊢ isExp (diff (λ N : Num, x_cube N)) (∂ (Xₑ) ×ₑ ((Xₑ) ×ₑ (Xₑ)) ./ ∂ () .at (λ _ : (), Xₑ))
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ

"Hdiff" : isExp (λ N : Num, x_cube N) ((Xₑ) ×ₑ ((Xₑ) ×ₑ (Xₑ))) -∗ isExp (diff (λ N : Num, x_cube N)) (∂ (Xₑ) ×ₑ ((Xₑ) ×ₑ (Xₑ)) ./ ∂ () .at (λ _ : (), Xₑ)) --------------------------------------□ isExp (diff (λ N : Num, x_cube N)) (∂ (Xₑ) ×ₑ ((Xₑ) ×ₑ (Xₑ)) ./ ∂ () .at (λ _ : (), Xₑ))
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ

"Hdiff" : isExp (λ N : Num, x_cube N) ((Xₑ) ×ₑ ((Xₑ) ×ₑ (Xₑ))) -∗ isExp (diff (λ N : Num, x_cube N)) (∂ (Xₑ) ×ₑ ((Xₑ) ×ₑ (Xₑ)) ./ ∂ () .at (λ _ : (), Xₑ)) --------------------------------------□ isExp (λ N : Num, x_cube N) ((Xₑ) ×ₑ ((Xₑ) ×ₑ (Xₑ)))
by iApply x_cube_spec. Qed.
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ

⊢ isExp (diff (diff (λ N : Num, x_cube N))) (∂ ∂ (Xₑ) ×ₑ ((Xₑ) ×ₑ (Xₑ)) ./ ∂ () .at (λ _ : (), Xₑ) ./ ∂ () .at (λ _ : (), Xₑ))
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ

⊢ isExp (diff (diff (λ N : Num, x_cube N))) (∂ ∂ (Xₑ) ×ₑ ((Xₑ) ×ₑ (Xₑ)) ./ ∂ () .at (λ _ : (), Xₑ) ./ ∂ () .at (λ _ : (), Xₑ))
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ

"Hdiff" : isExp ?Goal (∂ (Xₑ) ×ₑ ((Xₑ) ×ₑ (Xₑ)) ./ ∂ () .at (λ _ : (), Xₑ)) -∗ isExp (diff ?Goal) (∂ ∂ (Xₑ) ×ₑ ((Xₑ) ×ₑ (Xₑ)) ./ ∂ () .at (λ _ : (), Xₑ) ./ ∂ () .at (λ _ : (), Xₑ)) --------------------------------------□ isExp (diff (diff (λ N : Num, x_cube N))) (∂ ∂ (Xₑ) ×ₑ ((Xₑ) ×ₑ (Xₑ)) ./ ∂ () .at (λ _ : (), Xₑ) ./ ∂ () .at (λ _ : (), Xₑ))
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ

"Hdiff" : isExp (diff (λ N : Num, x_cube N)) (∂ (Xₑ) ×ₑ ((Xₑ) ×ₑ (Xₑ)) ./ ∂ () .at (λ _ : (), Xₑ)) -∗ isExp (diff (diff (λ N : Num, x_cube N))) (∂ ∂ (Xₑ) ×ₑ ((Xₑ) ×ₑ (Xₑ)) ./ ∂ () .at (λ _ : (), Xₑ) ./ ∂ () .at (λ _ : (), Xₑ)) --------------------------------------□ isExp (diff (λ N : Num, x_cube N)) (∂ (Xₑ) ×ₑ ((Xₑ) ×ₑ (Xₑ)) ./ ∂ () .at (λ _ : (), Xₑ))
by iApply x_cube'_spec. Qed.
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
n: Z

⊢ EWP diff (λ N : Num, x_cube N) ZNum #n {{ y, ⌜y = #(3 * (n * n))⌝ }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
n: Z

⊢ EWP diff (λ N : Num, x_cube N) ZNum #n {{ y, ⌜y = #(3 * (n * n))⌝ }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
n: Z

"Hdiff" : EWP diff (λ N : Num, x_cube N) ZNum <| ⊥ |> {{ vf, (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec ZNum Ψ RS) (x : val) (r : R), implements x r -∗ EWP vf x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ (Xₑ) ×ₑ ((Xₑ) ×ₑ (Xₑ)) ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }} }} --------------------------------------□ EWP diff (λ N : Num, x_cube N) ZNum #n {{ y, ⌜y = #(3 * (n * n))⌝ }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
n: Z

diff (λ N : Num, x_cube N) ZNum #n = fill_item (AppLCtx ?v2) ?Goal
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
n: Z
"Hdiff" : EWP diff (λ N : Num, x_cube N) ZNum <| ⊥ |> {{ vf, (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec ZNum Ψ RS) (x : val) (r : R), implements x r -∗ EWP vf x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ (Xₑ) ×ₑ ((Xₑ) ×ₑ (Xₑ)) ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }} }} --------------------------------------□ EWP ?Goal {{ v, EWP fill_item (AppLCtx ?v2) v {{ y, ⌜y = #(3 * (n * n))⌝ }} }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
n: Z

"Hdiff" : EWP diff (λ N : Num, x_cube N) ZNum <| ⊥ |> {{ vf, (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec ZNum Ψ RS) (x : val) (r : R), implements x r -∗ EWP vf x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ (Xₑ) ×ₑ ((Xₑ) ×ₑ (Xₑ)) ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }} }} --------------------------------------□ EWP diff (λ N : Num, x_cube N) ZNum {{ v, EWP fill_item (AppLCtx #n) v {{ y, ⌜y = #(3 * (n * n))⌝ }} }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
n: Z

"Hdiff" : EWP diff (λ N : Num, x_cube N) ZNum <| ⊥ |> {{ vf, (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec ZNum Ψ RS) (x : val) (r : R), implements x r -∗ EWP vf x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ (Xₑ) ×ₑ ((Xₑ) ×ₑ (Xₑ)) ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }} }} --------------------------------------□ v : val, ( (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec ZNum Ψ RS) (x : val) (r : R), implements x r -∗ EWP v x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ (Xₑ) ×ₑ ((Xₑ) ×ₑ (Xₑ)) ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }}) ={⊤}=∗ EWP fill_item (AppLCtx #n) v {{ y, ⌜y = #(3 * (n * n))⌝ }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
n: Z

--------------------------------------∗ v : val, ( (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec ZNum Ψ RS) (x : val) (r : R), implements x r -∗ EWP v x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ (Xₑ) ×ₑ ((Xₑ) ×ₑ (Xₑ)) ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }}) ={⊤}=∗ EWP fill_item (AppLCtx #n) v {{ y, ⌜y = #(3 * (n * n))⌝ }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
n: Z
vdiff: val

"Hdiff" : (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec ZNum Ψ RS) (x : val) (r : R), implements x r -∗ EWP vdiff x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ (Xₑ) ×ₑ ((Xₑ) ×ₑ (Xₑ)) ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }} --------------------------------------∗ |={⊤}=> EWP fill_item (AppLCtx #n) vdiff {{ y, ⌜y = #(3 * (n * n))⌝ }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
n: Z
vdiff: val

"Hdiff" : EWP vdiff #n <| ⊥ |> {{ y, s : Z, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), n) (∂ (Xₑ) ×ₑ ((Xₑ) ×ₑ (Xₑ)) ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }} --------------------------------------∗ |={⊤}=> EWP fill_item (AppLCtx #n) vdiff {{ y, ⌜y = #(3 * (n * n))⌝ }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
n: Z
vdiff: val

--------------------------------------∗ |={⊤}=> v : val, ( s : Z, implements v s ∗ ⌜s =ᵣ eval (map (λ _ : (), n) (∂ (Xₑ) ×ₑ ((Xₑ) ×ₑ (Xₑ)) ./ ∂ tt .at (λ _ : (), Xₑ)))⌝) ={⊤}=∗ ⌜v = #(3 * (n * n))⌝
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
n: Z
vdiff: val

--------------------------------------∗ v : val, ( s : Z, implements v s ∗ ⌜s =ᵣ eval (map (λ _ : (), n) (∂ (Xₑ) ×ₑ ((Xₑ) ×ₑ (Xₑ)) ./ ∂ tt .at (λ _ : (), Xₑ)))⌝) ={⊤}=∗ ⌜v = #(3 * (n * n))⌝
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
n: Z
vdiff, v: val

--------------------------------------∗ ( s : Z, implements v s ∗ ⌜s =ᵣ eval (map (λ _ : (), n) (∂ (Xₑ) ×ₑ ((Xₑ) ×ₑ (Xₑ)) ./ ∂ tt .at (λ _ : (), Xₑ)))⌝) ={⊤}=∗ ⌜v = #(3 * (n * n))⌝
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
n: Z
vdiff: val

--------------------------------------∗ |={⊤}=> ⌜#(eval (map (λ _ : (), n) (∂ (Xₑ) ×ₑ ((Xₑ) ×ₑ (Xₑ)) ./ ∂ tt .at (λ _ : (), Xₑ)))) = #(3 * (n * n))⌝
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
n: Z
vdiff: val

#(eval (map (λ _ : (), n) (∂ (Xₑ) ×ₑ ((Xₑ) ×ₑ (Xₑ)) ./ ∂ tt .at (λ _ : (), Xₑ)))) = #(3 * (n * n))
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
n: Z
vdiff: val

#(1 * (n * n) + n * (1 * n + n * 1)) = #(3 * (n * n))
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
n: Z
vdiff: val

(1 * (n * n) + n * (1 * n + n * 1))%Z = (3 * (n * n))%Z
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
n: Z
vdiff: val

(1 * (n * n) + n * (1 * n + n * 1))%Z = (n * n + n * n + n * n)%Z
by rewrite !Z.mul_1_l Z.mul_1_r Z.mul_add_distr_l Z.add_assoc. Qed.
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
n: Z

⊢ EWP diff (diff (λ N : Num, x_cube N)) ZNum #n {{ y, ⌜y = #(6 * n)⌝ }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
n: Z

⊢ EWP diff (diff (λ N : Num, x_cube N)) ZNum #n {{ y, ⌜y = #(6 * n)⌝ }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
n: Z

"Hdiff" : EWP diff (diff (λ N : Num, x_cube N)) ZNum <| ⊥ |> {{ vf, (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec ZNum Ψ RS) (x : val) (r : R), implements x r -∗ EWP vf x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ ∂ (Xₑ) ×ₑ ((Xₑ) ×ₑ (Xₑ)) ./ ∂ tt .at (λ _ : (), Xₑ) ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }} }} --------------------------------------□ EWP diff (diff (λ N : Num, x_cube N)) ZNum #n {{ y, ⌜y = #(6 * n)⌝ }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
n: Z

diff (diff (λ N : Num, x_cube N)) ZNum #n = fill_item (AppLCtx ?v2) ?Goal
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
n: Z
"Hdiff" : EWP diff (diff (λ N : Num, x_cube N)) ZNum <| ⊥ |> {{ vf, (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec ZNum Ψ RS) (x : val) (r : R), implements x r -∗ EWP vf x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ ∂ (Xₑ) ×ₑ ((Xₑ) ×ₑ (Xₑ)) ./ ∂ tt .at (λ _ : (), Xₑ) ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }} }} --------------------------------------□ EWP ?Goal {{ v, EWP fill_item (AppLCtx ?v2) v {{ y, ⌜y = #(6 * n)⌝ }} }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
n: Z

"Hdiff" : EWP diff (diff (λ N : Num, x_cube N)) ZNum <| ⊥ |> {{ vf, (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec ZNum Ψ RS) (x : val) (r : R), implements x r -∗ EWP vf x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ ∂ (Xₑ) ×ₑ ((Xₑ) ×ₑ (Xₑ)) ./ ∂ tt .at (λ _ : (), Xₑ) ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }} }} --------------------------------------□ EWP diff (diff (λ N : Num, x_cube N)) ZNum {{ v, EWP fill_item (AppLCtx #n) v {{ y, ⌜y = #(6 * n)⌝ }} }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
n: Z

"Hdiff" : EWP diff (diff (λ N : Num, x_cube N)) ZNum <| ⊥ |> {{ vf, (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec ZNum Ψ RS) (x : val) (r : R), implements x r -∗ EWP vf x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ ∂ (Xₑ) ×ₑ ((Xₑ) ×ₑ (Xₑ)) ./ ∂ tt .at (λ _ : (), Xₑ) ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }} }} --------------------------------------□ v : val, ( (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec ZNum Ψ RS) (x : val) (r : R), implements x r -∗ EWP v x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ ∂ (Xₑ) ×ₑ ((Xₑ) ×ₑ (Xₑ)) ./ ∂ tt .at (λ _ : (), Xₑ) ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }}) ={⊤}=∗ EWP fill_item (AppLCtx #n) v {{ y, ⌜y = #(6 * n)⌝ }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
n: Z

--------------------------------------∗ v : val, ( (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec ZNum Ψ RS) (x : val) (r : R), implements x r -∗ EWP v x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ ∂ (Xₑ) ×ₑ ((Xₑ) ×ₑ (Xₑ)) ./ ∂ tt .at (λ _ : (), Xₑ) ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }}) ={⊤}=∗ EWP fill_item (AppLCtx #n) v {{ y, ⌜y = #(6 * n)⌝ }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
n: Z
vdiff: val

"Hdiff" : (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec ZNum Ψ RS) (x : val) (r : R), implements x r -∗ EWP vdiff x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ ∂ (Xₑ) ×ₑ ((Xₑ) ×ₑ (Xₑ)) ./ ∂ tt .at (λ _ : (), Xₑ) ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }} --------------------------------------∗ |={⊤}=> EWP fill_item (AppLCtx #n) vdiff {{ y, ⌜y = #(6 * n)⌝ }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
n: Z
vdiff: val

"Hdiff" : EWP vdiff #n <| ⊥ |> {{ y, s : Z, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), n) (∂ ∂ (Xₑ) ×ₑ ((Xₑ) ×ₑ (Xₑ)) ./ ∂ tt .at (λ _ : (), Xₑ) ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }} --------------------------------------∗ |={⊤}=> EWP fill_item (AppLCtx #n) vdiff {{ y, ⌜y = #(6 * n)⌝ }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
n: Z
vdiff: val

--------------------------------------∗ |={⊤}=> v : val, ( s : Z, implements v s ∗ ⌜s =ᵣ eval (map (λ _ : (), n) (∂ ∂ (Xₑ) ×ₑ ((Xₑ) ×ₑ (Xₑ)) ./ ∂ tt .at (λ _ : (), Xₑ) ./ ∂ tt .at (λ _ : (), Xₑ)))⌝) ={⊤}=∗ ⌜v = #(6 * n)⌝
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
n: Z
vdiff: val

--------------------------------------∗ v : val, ( s : Z, implements v s ∗ ⌜s =ᵣ eval (map (λ _ : (), n) (∂ ∂ (Xₑ) ×ₑ ((Xₑ) ×ₑ (Xₑ)) ./ ∂ tt .at (λ _ : (), Xₑ) ./ ∂ tt .at (λ _ : (), Xₑ)))⌝) ={⊤}=∗ ⌜v = #(6 * n)⌝
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
n: Z
vdiff, v: val

--------------------------------------∗ ( s : Z, implements v s ∗ ⌜s =ᵣ eval (map (λ _ : (), n) (∂ ∂ (Xₑ) ×ₑ ((Xₑ) ×ₑ (Xₑ)) ./ ∂ tt .at (λ _ : (), Xₑ) ./ ∂ tt .at (λ _ : (), Xₑ)))⌝) ={⊤}=∗ ⌜v = #(6 * n)⌝
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
n: Z
vdiff: val

--------------------------------------∗ |={⊤}=> ⌜#(eval (map (λ _ : (), n) (∂ ∂ (Xₑ) ×ₑ ((Xₑ) ×ₑ (Xₑ)) ./ ∂ tt .at (λ _ : (), Xₑ) ./ ∂ tt .at (λ _ : (), Xₑ)))) = #(6 * n)⌝
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
n: Z
vdiff: val

#(eval (map (λ _ : (), n) (∂ ∂ (Xₑ) ×ₑ ((Xₑ) ×ₑ (Xₑ)) ./ ∂ tt .at (λ _ : (), Xₑ) ./ ∂ tt .at (λ _ : (), Xₑ)))) = #(6 * n)
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
n: Z
vdiff: val

#(0 * (n * n) + 1 * (1 * n + n * 1) + (1 * (1 * n + n * 1) + n * (0 * n + 1 * 1 + (1 * 1 + n * 0)))) = #(6 * n)
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
n: Z
vdiff: val

(0 * (n * n) + 1 * (1 * n + n * 1) + (1 * (1 * n + n * 1) + n * (0 * n + 1 * 1 + (1 * 1 + n * 0))))%Z = (6 * n)%Z
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
n: Z
vdiff: val

(0 * (n * n) + (n + n * 1) + (n + n * 1 + (n * (0 * n + 1) + n * (1 + n * 0))))%Z = (6 * n)%Z
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
n: Z
vdiff: val

(n + n + (n + n + (n + n)))%Z = (6 * n)%Z
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
n: Z
vdiff: val

(n + n + (n + n + (n + n)))%Z = (n + n + n + n + n + n)%Z
by rewrite !Z.add_assoc. Qed. End x_cube. End clients. (** * Implementation in HH. *) (** An attentive reader might have noticed that the algorithm we verified in the previous sections was not entirely written in [HH]. Indeed, the function [diff] is a Coq function of two arguments. One of its arguments, for example, is a record of type [Num], which is used in the definition of [diff] as the provider of arithmetical operations and constants. This diverges from the actual code that we would write in [HH] or in another programming language, because that is not how these numerical operations would be accessed. A program that takes such record as one of its arguments would have to deconstruct it and bind its components using binders of the language itself, not meta-level ones. Writing the code with constructors and deconstrutors for these record values would make it harder to decompose the implementation of [diff] as separate functions -- [handle], [update], [create] -- which would consequently complicate the Coq proofs. Nevertheless, in the following section, we show that our effort from previous sections was not in vain: we can reuse what was proven for [diff] in verifying a full [HH] implementation of automatic differentiation. *) Section hh_implementation. Context `{R₁: !cgraphG Σ, R₂: !heapG Σ}. Definition to_struct (N : Num) : val := (nzero, (none, (nadd, nmul)))%V. Definition to_Num (zero one add mul : val) : Num := {| nzero := zero; none := one; nadd := add; nmul := mul |}. Definition hh_diff : val := λ: "f" "num", let: "nzero" := Fst "num" in let: "none" := Fst (Snd "num") in let: "nadd" := Fst (Snd (Snd "num")) in let: "nmul" := Snd (Snd (Snd "num")) in let: "create" := λ: "n", InjR ("n", ref "nzero") in let: "get_val" := λ: "x", match: "x" with (* Constant. *) InjL "x" => match: "x" with (* Zero. *) InjL <> => "nzero" | (* One. *) InjR <> => "none" end | (* Variable. *) InjR "x" => Fst "x" end in let: "update" := λ: "x" "incr", match: "x" with (* Constant. *) InjL <> => #() | (* Variable. *) InjR "x" => let: "xd" := Snd "x" in "xd" <- "nadd" (Load "xd") "incr" end in let: "handle" := λ: "f" "seed", try: "f" "seed" with effect (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := "get_val" "a" in let: "bv" := "get_val" "b" in match: "op" with (* Add *) InjL <> => let: "x" := "create" ("nadd" "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in "update" "a" "xd";; "update" "b" "xd" | (* Mul *) InjR <> => let: "x" := "create" ("nmul" "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := "nmul" "bv" "xd" in let: "bd" := "nmul" "av" "xd" in "update" "a" "ad";; "update" "b" "bd" end ) | return (λ: "res", "update" "res" "none") end in let: "vf" := "f" (to_struct ADNum) in λ: "a", let: "x" := "create" "a" in "handle" "vf" "x";; get_diff "x". (* The class [NumSpec N Ψ RS] can be seen as the domain of predicates [implements : val → R → iProp Σ] for which the assertions [nzero_spec], [none_spec], [nadd_spec], [nmul_spec] and [implements_pers] hold. In the following, we detach the type of predicates, [val → R → iProp Σ], from its restrictions, which will be bundled into the new typeclass [numSpec]. This allows the specification of [hh_diff] to quantify directly over predicates, instead of terms of type [NumSpec N Ψ RS]. We believe this leads to a more readable definition of [IsExp]. *) Class numSpec {R : Set} (zero one add mul : val) (implements : val → R → iProp Σ) (Ψ : iEff Σ) (RS : RingSig R) := { nzero_spec' : ⊢ implements zero (Oᵣ); none_spec' : ⊢ implements one (Iᵣ); nadd_spec' E a b r s : implements a r -∗ implements b s -∗ EWP add a b @ E <| Ψ |> {{ x, implements x (radd r s) }}; nmul_spec' E a b r s : implements a r -∗ implements b s -∗ EWP mul a b @ E <| Ψ |> {{ x, implements x (rmul r s) }}; implements_pers' u r :> Persistent (implements u r); }. Program Instance NumSpec' {R : Set} (RS : RingSig R) (zero one add mul : val) (implements : val → R → iProp Σ) (Ψ : iEff Σ) (nSpec : numSpec zero one add mul implements Ψ RS) : NumSpec (to_Num zero one add mul) Ψ RS := {| implements := implements; nzero_spec := nzero_spec'; none_spec := none_spec'; nadd_spec := nadd_spec'; nmul_spec := nmul_spec'; implements_pers := implements_pers' |}. Program Instance numSpec' {R : Set} (RS : RingSig R) (N : Num) (Ψ : iEff Σ) (NSpec : NumSpec N Ψ RS) : numSpec nzero none nadd nmul implements Ψ RS := {| nzero_spec' := nzero_spec; none_spec' := none_spec; nadd_spec' := nadd_spec; nmul_spec' := nmul_spec; implements_pers' := implements_pers |}. Definition IsExp (e : val) (E : Expr ()) : iProp Σ := (zero one add mul : val), EWP (e (zero, (one, (add, mul)))%V) {{ f, (R : Set) (RS : RingSig R) (RA : IsRing R) (Ψ : iEff Σ), (implements : val → R → iProp Σ), ⌜ numSpec zero one add mul implements Ψ RS ⌝ -∗ (x : val) (r : R), implements x r -∗ EWP (f x) <| Ψ |> {{ y, s, implements y s ∗ ⌜ s =ᵣ eval (map (λ _, r) E) ⌝ }} }}. Definition hh_diff_spec : Prop := ⊢ (e : val) (E : Expr ()), IsExp e E -∗ EWP hh_diff e {{ e', IsExp e' (∂ E ./ ∂ tt .at (λ _, Xₑ)) }}.
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ

hh_diff_spec
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ

hh_diff_spec
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
e: val
E: Expr ()

"He" : IsExp e E --------------------------------------∗ EWP hh_diff e {{ e', IsExp e' (∂ E ./ ∂ () .at (λ _ : (), Xₑ)) }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
e: val
E: Expr ()

"He" : IsExp e E --------------------------------------∗ EWP (λ: "f" "num", let: "nzero" := Fst "num" in let: "none" := Fst (Snd "num") in let: "nadd" := Fst (Snd (Snd "num")) in let: "nmul" := Snd (Snd (Snd "num")) in let: "create" := λ: "n", InjR ("n", ref "nzero") in let: "get_val" := λ: "x", match: "x" with InjL "x" => match: "x" with InjL <> => "nzero" | InjR <> => "none" end | InjR "x" => Fst "x" end in let: "update" := λ: "x" "incr", match: "x" with InjL <> => #() | InjR "x" => let: "xd" := Snd "x" in "xd" <- "nadd" ! "xd" "incr" end in let: "handle" := λ: "f" "seed", deep_try_with (λ: <>, "f" "seed") (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := "get_val" "a" in let: "bv" := "get_val" "b" in match: "op" with InjL <> => let: "x" := "create" ... in ...;; let: "xd" := ... in ... | InjR <> => let: "x" := "create" ... in ...;; let: "xd" := ... in ... end) (λ: "res", "update" "res" "none") in let: "vf" := "f" (to_struct ADNum) in λ: "a", let: "x" := "create" "a" in "handle" "vf" "x";; get_diff "x")%V e {{ e', IsExp e' (∂ E ./ ∂ () .at (λ _ : (), Xₑ)) }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
e: val
E: Expr ()

"He" : IsExp e E --------------------------------------∗ IsExp (λ: "num", let: "nzero" := Fst "num" in let: "none" := Fst (Snd "num") in let: "nadd" := Fst (Snd (Snd "num")) in let: "nmul" := Snd (Snd (Snd "num")) in let: "create" := λ: "n", InjR ("n", ref "nzero") in let: "get_val" := λ: "x", match: "x" with InjL "x" => match: "x" with InjL <> => "nzero" | InjR <> => "none" end | InjR "x" => Fst "x" end in let: "update" := λ: "x" "incr", match: "x" with InjL <> => #() | InjR "x" => let: "xd" := Snd "x" in "xd" <- "nadd" ! "xd" "incr" end in let: "handle" := λ: "f" "seed", deep_try_with (λ: <>, "f" "seed") (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := "get_val" "a" in let: "bv" := "get_val" "b" in match: "op" with InjL <> => let: "x" := "create" (...) in ...;; let: "xd" := ... in ...... | InjR <> => let: "x" := "create" (...) in ...;; let: "xd" := ... in let: "ad" := ... in ... end) (λ: "res", "update" "res" "none") in let: "vf" := e (to_struct ADNum) in λ: "a", let: "x" := "create" "a" in "handle" "vf" "x";; get_diff "x") (∂ E ./ ∂ () .at (λ _ : (), Xₑ))
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
e: val
E: Expr ()
zero, one, add, mul: val

"He" : IsExp e E --------------------------------------∗ EWP (λ: "num", let: "nzero" := Fst "num" in let: "none" := Fst (Snd "num") in let: "nadd" := Fst (Snd (Snd "num")) in let: "nmul" := Snd (Snd (Snd "num")) in let: "create" := λ: "n", InjR ("n", ref "nzero") in let: "get_val" := λ: "x", match: "x" with InjL "x" => match: "x" with InjL <> => "nzero" | InjR <> => "none" end | InjR "x" => Fst "x" end in let: "update" := λ: "x" "incr", match: "x" with InjL <> => #() | InjR "x" => let: "xd" := Snd "x" in "xd" <- "nadd" ! "xd" "incr" end in let: "handle" := λ: "f" "seed", deep_try_with (λ: <>, "f" "seed") (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := "get_val" "a" in let: "bv" := "get_val" "b" in match: "op" with InjL <> => let: "x" := "create" ... in ...;; let: "xd" := ... in ... | InjR <> => let: "x" := "create" ... in ...;; let: "xd" := ... in ... end) (λ: "res", "update" "res" "none") in let: "vf" := e (to_struct ADNum) in λ: "a", let: "x" := "create" "a" in "handle" "vf" "x";; get_diff "x")%V (zero, (one, (add, mul)))%V {{ f, (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (implements : val → R → iProp Σ), ⌜numSpec zero one add mul implements Ψ RS⌝ -∗ (x : val) (r : R), implements x r -∗ EWP f x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ E ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }} }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
e: val
E: Expr ()
zero, one, add, mul: val

"He" : IsExp e E --------------------------------------∗ EWP let: "vf" := e (to_struct ADNum) in λ: "a", let: "x" := (λ: "n", InjR ("n", ref zero))%V "a" in (λ: "f" "seed", deep_try_with (λ: <>, "f" "seed") (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := (λ: "x", match: "x" with InjL "x" => match: "x" with InjL <> => zero | InjR <> => one end | InjR "x" => Fst "x" end)%V "a" in let: "bv" := (λ: "x", match: "x" with InjL "x" => match: "x" with InjL <> => zero | InjR <> => one end | InjR "x" => Fst "x" end)%V "b" in match: "op" with InjL <> => let: "x" := (λ: "n", InjR ("n", ref zero))%V (add "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in ...%V "a" "xd";; (λ: "x" "incr", ...)%V "b" "xd" | InjR <> => let: "x" := (λ: "n", InjR ("n", ref zero))%V (mul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := mul "bv" "xd" in let: "bd" := mul "av" "xd" in ...;; ...%V "b" "bd" end) (λ: "res", (λ: "x" "incr", match: "x" with InjL <> => #() | InjR "x" => let: "xd" := Snd "x" in "xd" <- add ! "xd" "incr" end)%V "res" one))%V "vf" "x";; get_diff "x" {{ f, (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (implements : val → R → iProp Σ), ⌜numSpec zero one add mul implements Ψ RS⌝ -∗ (x : val) (r : R), implements x r -∗ EWP f x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ E ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }} }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
e: val
E: Expr ()
zero, one, add, mul: val

"Hdiff" : diff_spec --------------------------------------□ "He" : IsExp e E --------------------------------------∗ EWP let: "vf" := e (to_struct ADNum) in λ: "a", let: "x" := (λ: "n", InjR ("n", ref zero))%V "a" in (λ: "f" "seed", deep_try_with (λ: <>, "f" "seed") (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := (λ: "x", match: "x" with InjL "x" => match: "x" with InjL <> => zero | InjR <> => one end | InjR "x" => Fst "x" end)%V "a" in let: "bv" := (λ: "x", match: "x" with InjL "x" => match: "x" with InjL <> => zero | InjR <> => one end | InjR "x" => Fst "x" end)%V "b" in match: "op" with InjL <> => let: "x" := (λ: "n", InjR ("n", ref zero))%V (add "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in ...%V "a" "xd";; (λ: "x" "incr", ...)%V "b" "xd" | InjR <> => let: "x" := (λ: "n", InjR ("n", ref zero))%V (mul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := mul "bv" "xd" in let: "bd" := mul "av" "xd" in ...;; ...%V "b" "bd" end) (λ: "res", (λ: "x" "incr", match: "x" with InjL <> => #() | InjR "x" => let: "xd" := Snd "x" in "xd" <- add ! "xd" "incr" end)%V "res" one))%V "vf" "x";; get_diff "x" {{ f, (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (implements : val → R → iProp Σ), ⌜numSpec zero one add mul implements Ψ RS⌝ -∗ (x : val) (r : R), implements x r -∗ EWP f x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ E ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }} }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
e: val
E: Expr ()
zero, one, add, mul: val

"Hdiff" : isExp (λ N : Num, e (to_struct N)) E -∗ isExp (diff (λ N : Num, e (to_struct N))) (∂ E ./ ∂ () .at (λ _ : (), Xₑ)) --------------------------------------□ "He" : IsExp e E --------------------------------------∗ EWP let: "vf" := e (to_struct ADNum) in λ: "a", let: "x" := (λ: "n", InjR ("n", ref zero))%V "a" in (λ: "f" "seed", deep_try_with (λ: <>, "f" "seed") (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := (λ: "x", match: "x" with InjL "x" => match: "x" with InjL <> => zero | InjR <> => one end | InjR "x" => Fst "x" end)%V "a" in let: "bv" := (λ: "x", match: "x" with InjL "x" => match: "x" with InjL <> => zero | InjR <> => one end | InjR "x" => Fst "x" end)%V "b" in match: "op" with InjL <> => let: "x" := (λ: "n", InjR ("n", ref zero))%V (add "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in ...%V "a" "xd";; (λ: "x" "incr", ...)%V "b" "xd" | InjR <> => let: "x" := (λ: "n", InjR ("n", ref zero))%V (mul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := mul "bv" "xd" in let: "bd" := mul "av" "xd" in ...;; ...%V "b" "bd" end) (λ: "res", (λ: "x" "incr", match: "x" with InjL <> => #() | InjR "x" => let: "xd" := Snd "x" in "xd" <- add ! "xd" "incr" end)%V "res" one))%V "vf" "x";; get_diff "x" {{ f, (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (implements : val → R → iProp Σ), ⌜numSpec zero one add mul implements Ψ RS⌝ -∗ (x : val) (r : R), implements x r -∗ EWP f x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ E ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }} }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
e: val
E: Expr ()
zero, one, add, mul: val

"He" : IsExp e E --------------------------------------∗ isExp (λ N : Num, e (to_struct N)) E
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
e: val
E: Expr ()
zero, one, add, mul: val
"Hdiff" : isExp (diff (λ N : Num, e (to_struct N))) (∂ E ./ ∂ () .at (λ _ : (), Xₑ)) --------------------------------------∗ EWP let: "vf" := e (to_struct ADNum) in λ: "a", let: "x" := (λ: "n", InjR ("n", ref zero))%V "a" in (λ: "f" "seed", deep_try_with (λ: <>, "f" "seed") (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := (λ: "x", match: "x" with InjL "x" => match: "x" with InjL <> => zero | InjR <> => one end | InjR "x" => Fst "x" end)%V "a" in let: "bv" := (λ: "x", match: "x" with InjL "x" => match: "x" with InjL <> => zero | InjR <> => one end | InjR "x" => Fst "x" end)%V "b" in match: "op" with InjL <> => let: "x" := (λ: "n", InjR ("n", ref zero))%V (add "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in ...%V "a" "xd";; (λ: "x" "incr", ...)%V "b" "xd" | InjR <> => let: "x" := (λ: "n", InjR ("n", ref zero))%V (mul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := mul "bv" "xd" in let: "bd" := mul "av" "xd" in ...;; ...%V "b" "bd" end) (λ: "res", (λ: "x" "incr", match: "x" with InjL <> => #() | InjR "x" => let: "xd" := Snd "x" in "xd" <- add ! "xd" "incr" end)%V "res" one))%V "vf" "x";; get_diff "x" {{ f, (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (implements : val → R → iProp Σ), ⌜numSpec zero one add mul implements Ψ RS⌝ -∗ (x : val) (r : R), implements x r -∗ EWP f x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜ s =ᵣ eval (map (λ _ : (), r) (∂ E ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }} }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
e: val
E: Expr ()
zero, one, add, mul: val

"He" : IsExp e E --------------------------------------∗ isExp (λ N : Num, e (to_struct N)) E
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
e: val
E: Expr ()
zero, one, add, mul: val
N: Num

"He" : IsExp e E --------------------------------------∗ EWP e (to_struct N) <| ⊥ |> {{ vf, (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec N Ψ RS) (x : val) (r : R), implements x r -∗ EWP vf x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) E)⌝ }} }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
e: val
E: Expr ()
zero, one, add, mul, nzero, none, nadd, nmul: val

"He" : IsExp e E --------------------------------------∗ EWP e (to_struct {| nzero := nzero; none := none; nadd := nadd; nmul := nmul |}) <| ⊥ |> {{ vf, (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec {| nzero := nzero; none := none; nadd := nadd; nmul := nmul |} Ψ RS) (x : val) (r : R), implements x r -∗ EWP vf x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) E)⌝ }} }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
e: val
E: Expr ()
zero, one, add, mul, nzero, none, nadd, nmul: val

"He" : IsExp e E --------------------------------------∗ EWP e (nzero, (none, (nadd, nmul)))%V <| ⊥ |> {{ vf, (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec {| nzero := nzero; none := none; nadd := nadd; nmul := nmul |} Ψ RS) (x : val) (r : R), implements x r -∗ EWP vf x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) E)⌝ }} }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
e: val
E: Expr ()
zero, one, add, mul, nzero, none, nadd, nmul: val

"He" : EWP e (nzero, (none, (nadd, nmul)))%V {{ f, (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (implements : val → R → iProp Σ), ⌜numSpec nzero none nadd nmul implements Ψ RS⌝ -∗ (x : val) (r : R), implements x r -∗ EWP f x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) E)⌝ }} }} --------------------------------------∗ EWP e (nzero, (none, (nadd, nmul)))%V <| ⊥ |> {{ vf, (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec {| nzero := nzero; none := none; nadd := nadd; nmul := nmul |} Ψ RS) (x : val) (r : R), implements x r -∗ EWP vf x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) E)⌝ }} }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
e: val
E: Expr ()
zero, one, add, mul, nzero, none, nadd, nmul: val

v : val, (λ f : val, (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (implements : val → R → iProp Σ), ⌜numSpec nzero none nadd nmul implements Ψ RS⌝ -∗ (x : val) (r : R), implements x r -∗ EWP f x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) E)⌝ }}) v ={⊤}=∗ (λ vf : val, (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec {| nzero := nzero; none := none; nadd := nadd; nmul := nmul |} Ψ RS) (x : val) (r : R), implements x r -∗ EWP vf x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) E)⌝ }}) v
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
e: val
E: Expr ()
zero, one, add, mul, nzero, none, nadd, nmul, f: val

"Hf" : (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (implements : val → R → iProp Σ), ⌜numSpec nzero none nadd nmul implements Ψ RS⌝ -∗ (x : val) (r : R), implements x r -∗ EWP f x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) E)⌝ }} --------------------------------------∗ |={⊤}=> (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec {| nzero := nzero; none := none; nadd := nadd; nmul := nmul |} Ψ RS) (x : val) (r : R), implements x r -∗ EWP f x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) E)⌝ }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
e: val
E: Expr ()
zero, one, add, mul, nzero, none, nadd, nmul, f: val

"Hf" : (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (implements : val → R → iProp Σ), ⌜numSpec nzero none nadd nmul implements Ψ RS⌝ -∗ (x : val) (r : R), implements x r -∗ EWP f x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) E)⌝ }} --------------------------------------∗ |={⊤}=> (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec {| nzero := nzero; none := none; nadd := nadd; nmul := nmul |} Ψ RS) (x : val) (r : R), implements x r -∗ EWP f x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) E)⌝ }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
e: val
E: Expr ()
zero, one, add, mul, nzero, none, nadd, nmul, f: val

"Hf" : (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (implements : val → R → iProp Σ), ⌜numSpec nzero none nadd nmul implements Ψ RS⌝ -∗ (x : val) (r : R), implements x r -∗ EWP f x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) E)⌝ }} --------------------------------------∗ (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec {| nzero := nzero; none := none; nadd := nadd; nmul := nmul |} Ψ RS) (x : val) (r : R), implements x r -∗ EWP f x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) E)⌝ }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
e: val
E: Expr ()
zero, one, add, mul, nzero, none, nadd, nmul, f: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec {| nzero := nzero; none := none; nadd := nadd; nmul := nmul |} Ψ RS

"Hf" : (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (implements : val → R → iProp Σ), ⌜numSpec nzero none nadd nmul implements Ψ RS⌝ -∗ (x : val) (r : R), implements x r -∗ EWP f x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) E)⌝ }} --------------------------------------∗ (x : val) (r : R), implements x r -∗ EWP f x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) E)⌝ }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
e: val
E: Expr ()
zero, one, add, mul, nzero, none, nadd, nmul, f: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
NSpec: NumSpec {| nzero := nzero; none := none; nadd := nadd; nmul := nmul |} Ψ RS
N:= to_Num nzero none nadd nmul: Num

"Hf" : (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (implements : val → R → iProp Σ), ⌜numSpec nzero none nadd nmul implements Ψ RS⌝ -∗ (x : val) (r : R), implements x r -∗ EWP f x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) E)⌝ }} --------------------------------------∗ (x : val) (r : R), implements x r -∗ EWP f x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) E)⌝ }}
by iApply ("Hf" $! R RS RA Ψ implements (numSpec' RS N Ψ NSpec)).
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
e: val
E: Expr ()
zero, one, add, mul: val

"Hdiff" : isExp (diff (λ N : Num, e (to_struct N))) (∂ E ./ ∂ () .at (λ _ : (), Xₑ)) --------------------------------------∗ EWP let: "vf" := e (to_struct ADNum) in λ: "a", let: "x" := (λ: "n", InjR ("n", ref zero))%V "a" in (λ: "f" "seed", deep_try_with (λ: <>, "f" "seed") (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := (λ: "x", match: "x" with InjL "x" => match: "x" with InjL <> => zero | InjR <> => one end | InjR "x" => Fst "x" end)%V "a" in let: "bv" := (λ: "x", match: "x" with InjL "x" => match: "x" with InjL <> => zero | InjR <> => one end | InjR "x" => Fst "x" end)%V "b" in match: "op" with InjL <> => let: "x" := (λ: "n", InjR ("n", ref zero))%V (add "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in ...%V "a" "xd";; (λ: "x" "incr", ...)%V "b" "xd" | InjR <> => let: "x" := (λ: "n", InjR ("n", ref zero))%V (mul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := mul "bv" "xd" in let: "bd" := mul "av" "xd" in ...;; ...%V "b" "bd" end) (λ: "res", (λ: "x" "incr", match: "x" with InjL <> => #() | InjR "x" => let: "xd" := Snd "x" in "xd" <- add ! "xd" "incr" end)%V "res" one))%V "vf" "x";; get_diff "x" {{ f, (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (implements : val → R → iProp Σ), ⌜numSpec zero one add mul implements Ψ RS⌝ -∗ (x : val) (r : R), implements x r -∗ EWP f x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ E ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }} }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
e: val
E: Expr ()
zero, one, add, mul: val
N:= to_Num zero one add mul: Num

"Hdiff" : isExp (diff (λ N : Num, e (to_struct N))) (∂ E ./ ∂ () .at (λ _ : (), Xₑ)) --------------------------------------∗ EWP let: "vf" := e (to_struct ADNum) in λ: "a", let: "x" := (λ: "n", InjR ("n", ref zero))%V "a" in (λ: "f" "seed", deep_try_with (λ: <>, "f" "seed") (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := (λ: "x", match: "x" with InjL "x" => match: "x" with InjL <> => zero | InjR <> => one end | InjR "x" => Fst "x" end)%V "a" in let: "bv" := (λ: "x", match: "x" with InjL "x" => match: "x" with InjL <> => zero | InjR <> => one end | InjR "x" => Fst "x" end)%V "b" in match: "op" with InjL <> => let: "x" := (λ: "n", InjR ("n", ref zero))%V (add "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in ...%V "a" "xd";; (λ: "x" "incr", ...)%V "b" "xd" | InjR <> => let: "x" := (λ: "n", InjR ("n", ref zero))%V (mul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := mul "bv" "xd" in let: "bd" := mul "av" "xd" in ...;; ...%V "b" "bd" end) (λ: "res", (λ: "x" "incr", match: "x" with InjL <> => #() | InjR "x" => let: "xd" := Snd "x" in "xd" <- add ! "xd" "incr" end)%V "res" one))%V "vf" "x";; get_diff "x" {{ f, (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (implements : val → R → iProp Σ), ⌜numSpec zero one add mul implements Ψ RS⌝ -∗ (x : val) (r : R), implements x r -∗ EWP f x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ E ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }} }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
e: val
E: Expr ()
zero, one, add, mul: val
N:= to_Num zero one add mul: Num

"Hdiff" : EWP diff (λ N : Num, e (to_struct N)) N <| ⊥ |> {{ vf, (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec N Ψ RS) (x : val) (r : R), implements x r -∗ EWP vf x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ E ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }} }} --------------------------------------∗ EWP let: "vf" := e (to_struct ADNum) in λ: "a", let: "x" := (λ: "n", InjR ("n", ref zero))%V "a" in (λ: "f" "seed", deep_try_with (λ: <>, "f" "seed") (λ: "args" "k", let: "op" := Fst "args" in let: "a" := Fst (Snd "args") in let: "b" := Snd (Snd "args") in let: "av" := (λ: "x", match: "x" with InjL "x" => match: "x" with InjL <> => zero | InjR <> => one end | InjR "x" => Fst "x" end)%V "a" in let: "bv" := (λ: "x", match: "x" with InjL "x" => match: "x" with InjL <> => zero | InjR <> => one end | InjR "x" => Fst "x" end)%V "b" in match: "op" with InjL <> => let: "x" := (λ: "n", InjR ("n", ref zero))%V (add "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in ...%V "a" "xd";; (λ: "x" "incr", ...)%V "b" "xd" | InjR <> => let: "x" := (λ: "n", InjR ("n", ref zero))%V (mul "av" "bv") in "k" "x";; let: "xd" := get_diff "x" in let: "ad" := mul "bv" "xd" in let: "bd" := mul "av" "xd" in ...;; ...%V "b" "bd" end) (λ: "res", (λ: "x" "incr", match: "x" with InjL <> => #() | InjR "x" => let: "xd" := Snd "x" in "xd" <- add ! "xd" "incr" end)%V "res" one))%V "vf" "x";; get_diff "x" {{ f, (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (implements : val → R → iProp Σ), ⌜numSpec zero one add mul implements Ψ RS⌝ -∗ (x : val) (r : R), implements x r -∗ EWP f x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ E ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }} }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
e: val
E: Expr ()
zero, one, add, mul: val
N:= to_Num zero one add mul: Num

v : val, (λ vf : val, (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec N Ψ RS) (x : val) (r : R), implements x r -∗ EWP vf x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ E ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }}) v ={⊤}=∗ (λ f : val, (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (implements : val → R → iProp Σ), ⌜numSpec zero one add mul implements Ψ RS⌝ -∗ (x : val) (r : R), implements x r -∗ EWP f x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ E ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }}) v
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
e: val
E: Expr ()
zero, one, add, mul: val
N:= to_Num zero one add mul: Num
f: val

"Hf" : (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec N Ψ RS) (x : val) (r : R), implements x r -∗ EWP f x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ E ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }} --------------------------------------∗ |={⊤}=> (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (implements : val → R → iProp Σ), ⌜numSpec zero one add mul implements Ψ RS⌝ -∗ (x : val) (r : R), implements x r -∗ EWP f x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ E ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
e: val
E: Expr ()
zero, one, add, mul: val
N:= to_Num zero one add mul: Num
f: val

"Hf" : (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec N Ψ RS) (x : val) (r : R), implements x r -∗ EWP f x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ E ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }} --------------------------------------∗ |={⊤}=> (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (implements : val → R → iProp Σ), ⌜numSpec zero one add mul implements Ψ RS⌝ -∗ (x : val) (r : R), implements x r -∗ EWP f x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ E ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
e: val
E: Expr ()
zero, one, add, mul: val
N:= to_Num zero one add mul: Num
f: val

"Hf" : (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec N Ψ RS) (x : val) (r : R), implements x r -∗ EWP f x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ E ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }} --------------------------------------∗ (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (implements : val → R → iProp Σ), ⌜numSpec zero one add mul implements Ψ RS⌝ -∗ (x : val) (r : R), implements x r -∗ EWP f x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ E ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
e: val
E: Expr ()
zero, one, add, mul: val
N:= to_Num zero one add mul: Num
f: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
implements: val → R → iProp Σ
H: numSpec zero one add mul implements Ψ RS

"Hf" : (R : Set) (RS : RingSig R) (_ : IsRing R) (Ψ : iEff Σ) (NSpec : NumSpec N Ψ RS) (x : val) (r : R), auto_diff.implements x r -∗ EWP f x <| Ψ |> {{ y, s : R, auto_diff.implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ E ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }} --------------------------------------∗ (x : val) (r : R), implements x r -∗ EWP f x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ E ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
e: val
E: Expr ()
zero, one, add, mul: val
N:= to_Num zero one add mul: Num
f: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
implements: val → R → iProp Σ
H: numSpec zero one add mul implements Ψ RS

"Hf" : (NSpec : NumSpec N Ψ RS) (x : val) (r : R), auto_diff.implements x r -∗ EWP f x <| Ψ |> {{ y, s : R, auto_diff.implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ E ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }} --------------------------------------∗ (x : val) (r : R), implements x r -∗ EWP f x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ E ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
e: val
E: Expr ()
zero, one, add, mul: val
N:= to_Num zero one add mul: Num
f: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
implements: val → R → iProp Σ
H: numSpec zero one add mul implements Ψ RS

"Hf" : (x : val) (r : R), auto_diff.implements x r -∗ EWP f x <| Ψ |> {{ y, s : R, auto_diff.implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ E ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }} --------------------------------------∗ (x : val) (r : R), implements x r -∗ EWP f x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ E ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
e: val
E: Expr ()
zero, one, add, mul: val
N:= to_Num zero one add mul: Num
f: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
implements: val → R → iProp Σ
H: numSpec zero one add mul implements Ψ RS
x: val
X: R

"Hf" : (x : val) (r : R), auto_diff.implements x r -∗ EWP f x <| Ψ |> {{ y, s : R, auto_diff.implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), r) (∂ E ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }} "Hx" : implements x X --------------------------------------∗ EWP f x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), X) (∂ E ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
e: val
E: Expr ()
zero, one, add, mul: val
N:= to_Num zero one add mul: Num
f: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
implements: val → R → iProp Σ
H: numSpec zero one add mul implements Ψ RS
x: val
X: R

"Hf" : EWP f x <| Ψ |> {{ y, s : R, auto_diff.implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), X) (∂ E ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }} --------------------------------------∗ EWP f x <| Ψ |> {{ y, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), X) (∂ E ./ ∂ tt .at (λ _ : (), Xₑ)))⌝ }}
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
e: val
E: Expr ()
zero, one, add, mul: val
N:= to_Num zero one add mul: Num
f: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
implements: val → R → iProp Σ
H: numSpec zero one add mul implements Ψ RS
x: val
X: R

v : val, (λ y : val, s : R, auto_diff.implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), X) (∂ E ./ ∂ tt .at (λ _ : (), Xₑ)))⌝) v ={⊤}=∗ (λ y : val, s : R, implements y s ∗ ⌜s =ᵣ eval (map (λ _ : (), X) (∂ E ./ ∂ tt .at (λ _ : (), Xₑ)))⌝) v
Σ: gFunctors
R₁: cgraphG Σ
R₂: heapG Σ
e: val
E: Expr ()
zero, one, add, mul: val
N:= to_Num zero one add mul: Num
f: val
R: Set
RS: RingSig R
RA: IsRing R
Ψ: iEff Σ
implements: val → R → iProp Σ
H: numSpec zero one add mul implements Ψ RS
x: val
X: R

v : val, ( s : R, implements v s ∗ ⌜s =ᵣ eval (map (λ _ : (), X) (∂ E ./ ∂ tt .at (λ _ : (), Xₑ)))⌝) ={⊤}=∗ s : R, implements v s ∗ ⌜s =ᵣ eval (map (λ _ : (), X) (∂ E ./ ∂ tt .at (λ _ : (), Xₑ)))⌝
by iIntros (y) "Hy". Qed. End hh_implementation.